Reputation: 1399
How to secure liquibase properties (database password etc.) in springboot application?
While developing a springboot-liquibase application following this I need to specify the database username + password as liquibase.user and liquibase.password in the application.properties file. I am looking for a better secure way to use these parameter (dynamically fetched from some other place and use inside my java code) Is there a way to achieve this?
Upvotes: 1
Views: 2345
Answers (2)
Reputation: 7041
Spring Cloud Config
This project allows you to use an external, centralized configuration repository for one or more applications. You don't need to rebuild your application if a property changes. You can simply change the property in your configuration repository and even push the changes to all of your applications.
See this Getting Started Guide.
Upvotes: 1
Reputation: 15708
There are couple of things you can do:
You can encrypt you properties file using jasypt-spring-boot. For more details have a look at demo app
If you are developing distributed system, then spring-cloud-config provides server and client-side support for externalized configuration in a distributed system. With the Config Server you have a central place to manage external properties for applications across all environments
Upvotes: 1
Related Questions
- How to generate Liquibase changelogs with Quarkus using the Liquibase Hibernate extension?
- How to configure port for a Spring Boot application
- value not injecting in @ReuqestBody POJO from application-dev.properties - SpringBoot Application
- how can I access system properties using spring boot and Liquibase changeset yaml file
- Encrypting/Decrypting database password programatically in SpringBoot
- Liquibase in Spring boot application keeps 10 connections open
- Springboot application property with placeholder which is updated dynamically inside app
- How to store username and password in a secure way
- Where to store database password secure in java desktop application