Reputation: 681
Fetching sensitive data from application.conf
I am trying to understand someone else´s Gradle project and need some help in understanding the syntax. In resources->application.conf there is configuration for username and password written this way:
login{
username = ${?USERNAME}
password = ${?PASSWORD}
}
Where does that syntax mean and where do I get the values of username and password? I am currently using intelliJ IDEA. If I know the values of sensitive data, is there anyway I can save these values without exposing them in the code?
Thanks.
Upvotes: 2
Views: 149
Answers (2)
Reputation: 73568
That's a system property, so the actual value would be determined at runtime from a property (e.g. passing -DUSERNAME=zimmer in a run script).
The way you could save them would be to have your run script pass the property, if you don't want to specify it manually every time.
Environment variables would be accessed with $System.env.USERNAME style, so my earlier answer assumed that it would search both system properties and env variables.
Upvotes: 1
Reputation: 114
Those are just placeholders which are being substituted when devops deploy the application. Usually used to hide sensitive information like username, password or secret keys. Also used to rotate sensitive information at a specific period of time.
Upvotes: 0
Related Questions
- How to pick up values from config files other than application.properties in Java Spring project
- What is the proper way to store app's conf data in Java?
- Gradle plugin to read secret (api-key, password) properties (like buildConfigField from Android plugin)
- Java/Gradle reading external config files
- Take configuration file out of jar and access it?
- Java equivalent to app.config?
- Simulate app.config for Java?
- Reading config files present inside the jar in Spring
- How can I store sensitive data in Java configuration files?
- troubles reading other apps config files