我已经在tomcat和jboss服务器中部署了project war文件,数据库源代码是通过jndi获取的。
以下是服务器容器中定义的示例db配置。我在这些文件中有硬编码的数据库凭据。
配置xml文件中定义的jboss 7数据库配置
<datasources>
<datasource jndi-name="java:/test" pool-name="test" statistics-enabled="true">
<connection-url>jdbc:mysql://localhost/test?zeroDateTimeBehavior=convertToNull</connection-url>
<driver>mysql</driver>
<pool>
<min-pool-size>5</min-pool-size>
<max-pool-size>60</max-pool-size>
</pool>
<security>
<user-name>abc</user-name>
<password>abc123</password>
</security>
<validation>
<valid-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLValidConnectionChecker"/>
<validate-on-match>true</validate-on-match>
<background-validation>false</background-validation>
<exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLExceptionSorter"/>
</validation>
<timeout>
<blocking-timeout-millis>5000</blocking-timeout-millis>
<idle-timeout-minutes>35</idle-timeout-minutes>
<query-timeout>300</query-timeout>
</timeout>
</datasource>
<datasources>conf/context.xml中的tomcat 8数据库配置
<Context>
<!-- Default set of monitored resources. If one of these changes, the -->
<!-- web application will be reloaded. -->
<WatchedResource>WEB-INF/web.xml</WatchedResource>
<WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
<!-- Uncomment this to disable session persistence across Tomcat restarts -->
<!--
<Manager pathname="" />
-->
<Resource name="datasource/test" auth="Container"
type="com.mchange.v2.c3p0.ComboPooledDataSource"
factory="org.apache.naming.factory.BeanFactory"
user="abc"
password="abc123"
jdbcUrl="jdbc:mysql://localhost:3306/jacplus"
driverClass="com.mysql.jdbc.Driver"
minPoolSize="2"
initialPoolSize="30"
maxPoolSize="50"
idleConnectionTestPeriod="600"
acquireRetryAttempts="30"/>
</Context>出于安全考虑,我需要将这些硬编码凭证移动到aws secret manager,并在运行时检索它们。我看到的所有帖子都提到直接从代码中使用api/sdk,但我没有发现任何关于服务器集成的帖子。
我的问题是,有没有一种方法可以将aws secret manager集成到tomcat和jboss应用服务器,并将数据源用作jndi?
暂无答案!
目前还没有任何答案,快来回答吧!