Re: [jetty-users] Encrypt JNDI resource password

The org.eclipse.jetty.util.security.Password is for password obfuscation (OBF:) and verification (MD5: CRYPT:).
It's meant to prevent casual discovery of the password.

If an undesired user has access to the XML, then they have the means to deobfuscate / decrypt the password too.
This fundamental truth remains unchanged no matter how complicated you make the obfuscation. (The org.eclipse.jetty.util.security.Password class is present and must be able to deobfuscate for it to work.)

We have no feature in Jetty itself to encrypt/decrypt a password during XML usage.
But that doesn't prevent you from creating your own class to do that.

You can call an arbitrary class/method in the XML and have it return the String form, just like you see in the linked documentation you provided.

Aka ...

<New id="DSTest" class="org.eclipse.jetty.plus.jndi.Resource">
  <Arg></Arg>
  <Arg>jdbc/DSTest</Arg>
  <Arg>
    <New class="com.jolbox.bonecp.BoneCPDataSource">
      <Set name="driverClass">com.mysql.jdbc.Driver</Set>
      <Set name="jdbcUrl">jdbc:mysql://localhost:3306/foo</Set>
      <Set name="username">dbuser</Set>
      <Set name="password">
        <Call class="org.eclipse.jetty.util.security.Password" name="deobfuscate">
          <Arg>OBF:1ri71v1r1v2n1ri71shq1ri71shs1ri71v1r1v2n1ri7</Arg>
        </Call>
      </Set>
      <Set name="minConnectionsPerPartition">5</Set>
      <Set name="maxConnectionsPerPartition">50</Set>
      <Set name="acquireIncrement">5</Set>
      <Set name="idleConnectionTestPeriod">30</Set>
    </New>
  </Arg>
</New>

The org.eclipse.jetty.util.security.Password.deobfuscate(String) static method exists here ...
https://github.com/eclipse/jetty.project/blob/jetty-9.4.8.v20171121/jetty-util/src/main/java/org/eclipse/jetty/util/security/Password.java#L181-L209

So, create your own class/static method.
Put it in the server classpath, and you should be able to use it from the XML for your own purposes.

Eg:

<New id="DSTest" class="org.eclipse.jetty.plus.jndi.Resource">
  <Arg></Arg>
  <Arg>jdbc/DSTest</Arg>
  <Arg>
    <New class="com.jolbox.bonecp.BoneCPDataSource">
      <Set name="driverClass">com.mysql.jdbc.Driver</Set>
      <Set name="jdbcUrl">jdbc:mysql://localhost:3306/foo</Set>
      <Set name="username">dbuser</Set>
      <Set name="password">
        <Call class="net.vmartinez.util.SecurePassword" name="localDecrypt">
          <Arg>VGhpcyBpcyB3aGVyZSB5b3VyIGVuY3J5cHRlZCBwYXNzd29yZCBzaG91bGQgYmU=</Arg>
        </Call>
      </Set>
      <Set name="minConnectionsPerPartition">5</Set>
      <Set name="maxConnectionsPerPartition">50</Set>
      <Set name="acquireIncrement">5</Set>
      <Set name="idleConnectionTestPeriod">30</Set>
    </New>
  </Arg>
</New>

Things to consider:
  • The decryption routines should use some information from the machine / os / install for a successful decrypt.
  • An unsuccessful decrypt should throw a RuntimeException indicating a failed decrypt, but with as little detail as you can get away with (you don't want to help nefarious folks via your logs).
  • Consider including the cipher algorithm in the arguments to localDecrypt().
  • Perhaps the arguments should only reference a needed password by id, and the local install knows which one to return (useful for differences in DEV/TEST/CI/QA/PROD).


Joakim Erdfelt / joakim@xxxxxxxxxxx
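
One way to fill in the net.vmartinez.util.SecurePassword class that the second XML snippet calls, written as an added example that is not code from the post or from Jetty: it decrypts an AES-GCM blob with a key file kept outside the XML (the "machine / install" information), accepts the cipher name as an optional first argument, and fails with a terse RuntimeException. The package, class and method names are the ones from the XML; the key file location etc/secure-password.key under ${jetty.base} and the blob layout base64(iv || ciphertext || tag) are assumptions.

```java
package net.vmartinez.util; // package and class names taken from the XML above (hypothetical)

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public final class SecurePassword {
    private static final String DEFAULT_ALGORITHM = "AES/GCM/NoPadding";
    private static final int GCM_TAG_BITS = 128;
    private static final int IV_BYTES = 12;

    private SecurePassword() {}

    // Form used by <Call class="net.vmartinez.util.SecurePassword" name="localDecrypt"> in the XML above.
    public static String localDecrypt(String encoded) {
        return localDecrypt(DEFAULT_ALGORITHM, encoded);
    }

    // Two-argument form so the XML can name the cipher; the blob is base64(iv || ciphertext || GCM tag).
    public static String localDecrypt(String algorithm, String encoded) {
        try {
            byte[] blob = Base64.getDecoder().decode(encoded);
            if (blob.length <= IV_BYTES) throw new IllegalArgumentException("blob too short");
            Cipher cipher = Cipher.getInstance(algorithm);
            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(loadKey(), "AES"),
                    new GCMParameterSpec(GCM_TAG_BITS, Arrays.copyOf(blob, IV_BYTES)));
            byte[] plain = cipher.doFinal(blob, IV_BYTES, blob.length - IV_BYTES);
            return new String(plain, StandardCharsets.UTF_8);
        } catch (GeneralSecurityException | IllegalArgumentException | IOException e) {
            // Deliberately terse: wrong key or tampered blob (GCM tag mismatch), bad base64 and a
            // missing key file all map to one message, with no ciphertext or cause in the server log.
            throw new RuntimeException("SecurePassword: decrypt failed");
        }
    }

    // The install-specific secret: a 16/24/32-byte raw key file under ${jetty.base}/etc that only the
    // Jetty user can read, so a copy of jetty-env.xml alone is not enough to recover the password.
    private static byte[] loadKey() throws IOException {
        byte[] key = Files.readAllBytes(Paths.get(System.getProperty("jetty.base", "."), "etc", "secure-password.key"));
        if (key.length != 16 && key.length != 24 && key.length != 32) throw new IOException("bad key length");
        return key;
    }
}
```

The value placed in the XML is produced once, offline, by encrypting the password with the same key file and prepending the random 12-byte IV before base64 encoding; the key file, not the XML, is what needs restrictive file permissions.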

On Fri, Dec 29, 2017 at 6:39 AM, Víctor Martínez <vicmarbev@xxxxxxxxx> wrote:
Hi,

I have created a JNDI resource to be able to connect to PostgreSQL with SSL. Is it possible to encrypt the password for a JNDI resource defined in the jetty-env.xml file, instead of just using obfuscation? I'm talking about this: http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html.

Regards,
vtez
