0

i have application.properties file

which has 

spring.profiles.active=local

and i have application-local.properties which has many fields including

api.password = password123

As you can see i have hard coded password123 in properties file.

Suppose i am on windows and i have app.properties file on windows which has 

 api.password = password123

And i want to read api.password in spring boot properties file through app.properties

How can i achieve it ?

Oracle Monkey
  • 75
  • 1
  • 2
  • 12
  • Where is the difference ? You don't gain more security just by adding a second file – Marged Sep 27 '19 at 03:40
  • do you want to read only that property? or all properties from `app.properties` file? – Ryuzaki L Sep 27 '19 at 03:56
  • 1
    Maybe you can put the password in your environment variables – fctmolina Sep 27 '19 at 04:14
  • @Marged i do I wont be app.properties to my GIT HUB It would be on Linux machine for each environment i.e DEV,UAT AND PROD – Oracle Monkey Sep 27 '19 at 04:20
  • @Deadpool I just want to externalize api.password – Oracle Monkey Sep 27 '19 at 04:22
  • 1
    I would suggest keep property in you application.yml only however when you start your application you can password from command line like java -jar -Dapi.password=mysecretpassword myApp.jar (you can also create bat/.sh file for it) but using it only on command line will ensure password is nowhere lying on machine – Shailesh Chandra Sep 27 '19 at 04:56
  • i don't need theory .i need the syntax. – Oracle Monkey Sep 27 '19 at 05:00
  • Possible duplicate of [springboot external configuration - profile specific configuration](https://stackoverflow.com/questions/51186918/springboot-external-configuration-profile-specific-configuration) – Marged Sep 27 '19 at 05:38

3 Answers3

3

Startup parameters

If you want to read properties from a non-standard location, you can start your application with --spring.config.location or with --spring.config.additional-location parameters.

$ java -jar app.jar --spring.config.location=file:./app.properties

https://docs.spring.io/spring-boot/docs/current/reference/html/boot-features-external-config.html#boot-features-external-config-application-property-files

@PropertySource

If you don't control startup parameters, you can use @PropertySource annotation. Simply annotate your main class (or any other configuration):

 @PropertySource("file:.app.properties")

You can set ignoreResourceNotFound=true, so the application will start, even if the file is not there.

https://docs.spring.io/spring/docs/5.1.9.RELEASE/javadoc-api/org/springframework/context/annotation/PropertySource.html

Read the documentation

There are literally 17 ways to pass properties to a Spring-Boot application.

I suggest, you get familiar with the convention, as it is crucial to understand which file takes a precedence:

https://docs.spring.io/spring-boot/docs/current/reference/html/boot-features-external-config.html#boot-features-external-config

Mateusz Stefek
  • 3,478
  • 2
  • 23
  • 28
1

Probably you can use --spring.config.location like below

$ java -jar myApp.jar --spring.config.location=file:/directoryof file/app.properties

Marged
  • 10,577
  • 10
  • 57
  • 99
Niraj Jha
  • 455
  • 3
  • 10
0

i used jasypt : https://github.com/ulisesbocchio/jasypt-spring-boot to encrypt the password, then you supply a decryption string (jasypt.encryptor.password) as startup parameter. That way no useabel password is in the configuration and on the git-repos.....

womd
  • 3,077
  • 26
  • 20