I am using Elytron on WildFly 12 to store a datasource password encoded.
I use the following CLI commands to store the password:
/subsystem=elytron/credential-store=ds_credentials:add( \
location="credentials/csstore.jceks", \
relative-to=jboss.server.data.dir, \
credential-reference={clear-text="changeit"}, \
create=true)
/subsystem=datasources/data-source=mydatasource/:undefine-attribute(name=password)
/subsystem=elytron/credential-store=ds_credentials:add-alias(alias=db_password, \
secret-value="datasource_password_clear_text")
/subsystem=datasources/data-source=mydatasource/:write-attribute( \
name=credential-reference, \
value={store=ds_credentials, alias=db_password})
This works very well so far. Now I need a way to read this password programmatically, so I can create a PostgreSQL database dump.
I found a possibility but somehow it feels like an improper solution.
I am open to any better solutions.