Description of problem: In the Procedure 19.1. of the Security Guide the Step 5 does not work. It is not possible to pass a plain-text version of the password to the encode64(String password) simply because the encode64 method of the JaasSecurityDomainMBean class has a signature 'encode64(byte[] secret)' instead of 'encode64(String password)'. So in order to get an encrypted password it is needed to pass a comma/space-separated list of bytes corresponding to the password. Version-Release number of selected component (if applicable): 5.1.2, 5.2.0 How reproducible: Follow instructions in the Procedure 19.1. Additional info: It is not hard to produce a comma-separated list of a String in Java, but it needs a programmer intervention which IMO is not acceptable for a documented and thus recommended procedure. I would prefer to add an encode64 method to JaasSecurityDomainMBean that can accept the password in String.
Created a jira for tracking the issue in the product code, see https://issues.jboss.org/browse/JBPAPP-10607
A workaround is to use PBEUtils to encode password: java -cp ./lib/jbosssx.jar org.jboss.security.plugins.PBEUtils 8-char-salt iteration_count keystorepassword plain_bind_password