Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Best way define important credentials in spring boot

When using Spring Boot application we use different application.properties files according to different environments.

We put important credentials like: database configurations, server IPs, admin username/password and so on.

I am worrying about what would happen if someone would obtain our application properties and get all important details.

Is there any good approach to put important credentials somewhere and obtain them in our Spring Boot application based on environment?

like image 962
Abhishek saini Avatar asked Jun 19 '18 12:06

Abhishek saini


People also ask

How should passwords be stored in spring?

Instead of using just the password as input to the hash function, random bytes (known as salt) would be generated for every users' password. The salt and the user's password would be ran through the hash function which produced a unique hash. The salt would be stored alongside the user's password in clear text.


1 Answers

Many techniques

  • Using tokens replacement (maven replacor)

    application.properties spring.datasource.password=#MY_DB_PASSWORD#
    tokens.properties #MY_DB_PASSWORD#=SECRET_PASSWORD

    where tokens.properties has an access protection

  • Using environment variable
    mvn spring-boot:run -Dspring.datasource.password=SECRET_PASSWORD

    or simply
    spring.datasource.password=${myDbPasswordEnv}

  • Using Jaspyt to encrypt your properties

like image 158
Halayem Anis Avatar answered Sep 17 '22 15:09

Halayem Anis