I am hiding the database password in datasource.groovy by doing
dataSource {
    pooled = true
    driverClassName = "com.mysql.jdbc.Driver"
    username = "root"
    password = "q59YgJCdHw3dshwlsa=="
    passwordEncryptionCodec = DESCodec
    dbname="mydbname"
}
I followed the article: http://jira.grails.org/browse/GRAILS-3620
I run the groovy codec class separately to get the encrypted string like this: groovy grails-app/utils/DESCodec.groovy mypassword_string_text.
But after placing the DESCodec class in the Utility package in Grails, when I try to start the server, it won't start but directly shuts down. It starts when I directly put the right password and comment out the codec and encrypted string. I am assuming it is not finding the codec class, or there is something else I am missing in the config, like specifying the codec class requires quotes or a path change, or I should change the algorithm. By the way, the DESCodec class is the last codec class in the link.
I am working on getting the config to be environment specific and externalized, but I still need the password to be encrypted here, and then decrypted before connecting to the database.
I think the best way to do this is to externalise environment specific configuration (especially passwords, but URLs, email addresses and so on too) and then protect the config file with proper permissions on the file system of the target machine.
In Config.groovy (for example):
grails.config.locations = [
    "file:/etc/${appName}/conf/db.properties"
]
and in the config file:
# .properties values are taken literally, so they are written without quotes
dataSource.username = root
dataSource.password = secret
I typically do this for production config, but keep dev/test config in the Config.groovy for convenience. When running in dev/test you simply get a warning at startup if it can't find the referenced config file. If it does find it, then it will override what's in Config.groovy.
This has the added advantage of not requiring your war file to be recompiled and redeployed if any prod environment configuration changes; you simply change the config file and restart the app.
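As an added example (not part of the original answer), the shell functions below show one way to create the externalized db.properties with owner-only access and to audit it before the app starts. The function names are hypothetical, and the target directory is assumed to be the one named in grails.config.locations.

```shell
#!/bin/sh
# Added example (not from the original answer): create and audit an
# externalized db.properties so only the application account can read it.

# Octal permission bits of a path (GNU stat first, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Write <conf_dir>/db.properties with owner-only access. The password is read
# from stdin so it never appears in the process list or shell history.
# Assumption: the password needs no .properties escaping (no backslashes).
write_db_properties() {
    conf_dir=$1
    db_user=$2
    IFS= read -r db_pass || [ -n "$db_pass" ] || return 1
    (
        umask 077                       # new dir -> 700, new file -> 600
        mkdir -p "$conf_dir" &&
        : > "$conf_dir/db.properties" &&
        chmod 600 "$conf_dir/db.properties" &&   # tighten a pre-existing file
        printf 'dataSource.username=%s\ndataSource.password=%s\n' \
            "$db_user" "$db_pass" > "$conf_dir/db.properties"
    )
}

# Return 0 only if the file is a regular file (not a symlink), grants nothing
# to group/other, and sits in a directory group/other cannot write to.
check_secret_file() {
    f=$1
    if [ -L "$f" ] || [ ! -f "$f" ]; then
        echo "FAIL: $f is missing, a symlink, or not a regular file" >&2
        return 1
    fi
    mode=$(file_mode "$f") || return 1
    case $mode in
        0|*00) ;;                       # group and other digits are both 0
        *) echo "FAIL: $f has mode $mode; group/other must have no access" >&2
           return 1 ;;
    esac
    dmode=$(file_mode "$(dirname "$f")") || return 1
    case $dmode in
        *[2367]|*[2367]?)               # write bit set for other or group
           echo "FAIL: directory of $f has mode $dmode (file is replaceable)" >&2
           return 1 ;;
    esac
    echo "OK: $f ($mode) in directory with mode $dmode"
}
```

Running check_secret_file from the deployment or service start script makes a loosened permission fail loudly instead of leaving the password readable by other local accounts.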