0

I am implementing an Email service on my backend with Spring Email. There are a lot of good examples on how to do that but I can't see a way to avoid having to store the password for the account as plaintext in a config file or so:

spring.mail.username=office@company.com
spring.mail.password=the-password

If there a better way to do this?

I do not quite see the point of doing this because in my case I'd have to store the password in my Procfile (used by heroku to start up the server):

web: java $JAVA_OPTS -Djasypt.encryptor.password=<still-not-safe> -Dserver.port=$PORT -jar target/*.jar

and that's just moving the password from one config file to another.

Stefan Falk
  • 23,898
  • 50
  • 191
  • 378
  • Possible duplicate of [Spring Boot how to hide passwords in properties file](https://stackoverflow.com/questions/37404703/spring-boot-how-to-hide-passwords-in-properties-file) – 1615903 Jan 14 '19 at 17:59
  • @1615903 What exactly is the point of doing this? I'll have to store the password elsewhere now but still in plainted or am I getting that wrong? – Stefan Falk Jan 14 '19 at 18:13

0 Answers0