As you have seen by reading this chapter, configuring a datasource, either XA or non-XA, includes providing passwords. As long as you keep the configuration to yourself, there is no issue with that. But what happens if you are working with different people, or a different team, who are not related directly to your company? Would you mind giving passwords out? I guess you would, or at least you should.

Fortunately, JBoss EAP 7 (actually, since JBoss EAP 5) provides two ways to hide your password.

One way is to encrypt your password by using hashing. The other way is to use a vault to protect one or more password in one place. We will look at both procedures in detail.