2

Where should I keep Database username, password and url, to keep safe and secure as I trying to create secure production environment for my Java project, currently I am using application properties to save DB credential kindly suggest some good and secure way to keep DB credentials.

application.properties 

# This should be used only for credentials and other local-only config.
spring.datasource.url = jdbc:postgresql://localhost/database
spring.datasource.username = root
spring.datasource.password = root@123

Where should I keep for secure and production Spring boot project

amicoderozer
  • 2,046
  • 6
  • 28
  • 44
Sadina Khatun
  • 1,136
  • 2
  • 18
  • 27

1 Answers1

7

As you are using Spring Boot, you may pass the Database connection parameters at the startup of the application.

E.g. java -jar your-spring-boot-app.jar -Dspring.datasource.url=jdbc:postgresql://localhost/database ...

You can also set them as system environment variable:

export SPRING_DATASOURCE_URL="jdbc:postgresql://localhost/database" and then simply start your app as usual.

That way you only store the connection parameters on the server, where you actually use them and prevent accidentaly checking them into you code versioning system.

see https://docs.spring.io/spring-boot/docs/current/reference/html/boot-features-external-config.html

To increase security you could use the https://projects.spring.io/spring-vault/ or an external configuration server https://spring.io/projects/spring-cloud-config

Patrick
  • 133
  • 7