SOLVED
Solution:
Using Jasypt. You can click here for more information how to set up. There is just one thing to mention. For me, it didn't work as if I configure the application.properties as they say. Therefore, you have to add one more line. These are the steps how to encrypt your credentials and configure them in application.properties:
- First you need to encrypt the string values running this in your terminal (NOTE: I am currently using Linux, so it may vary depending on your OS):
mvn jasypt:encrypt-value -Djasypt.encryptor.password=encryptorPassword -Djasypt.plugin.value=password
After running this you would see something like this:
ENC(MBTWfX8gqMevQe5CKW0pToMbajnpJk0zlb3yoooiSWPjkfYrE8TFNF6vDEMXTu/j)
This is going to be your encrypted value wrapped inside ENC().
You can then check if your password is actually encrypted. Run this command:
mvn jasypt:decrypt-value -Djasypt.encryptor.password=encryptorPassword -Djasypt.plugin.value=MBTWfX8gqMevQe5CKW0pToMbajnpJk0zlb3yoooiSWPjkfYrE8TFNF6vDEMXTu/j
And you should see your actual password. Following the same steps, you can encrypt your database name etc. as well.
- Now, you have to pass VM argument in your IDE, I am going to show you how to do in in IntelliJ. Go to
Edit Configurationsin the IDE and fillProgram arguments, thereforeapplythenOKbutton:
- Last step is to correctly set up configuration file, here I am showing how to configure it in application.properties file:
spring.datasource.url=jdbc:mysql://localhost:3306/db_name?serverTimezone=UTC&useUnicode=yes&characterEncoding=UTF-8
spring.datasource.username=root
spring.datasource.password=ENC(MBTWfX8gqMevQe5CKW0pToMbajnpJk0zlb3yoooiSWPjkfYrE8TFNF6vDEMXTu/j)
jasypt.encryptor.password=encryptorPassword
jasypt.encryptor.algorithm=PBEWithMD5AndDES
jasypt.encryptor.iv-generator-classname=org.jasypt.iv.NoIvGenerator
Now, your Spring Boot Application should just work fine. Good Luck!
I am currently using the latest version of Spring Boot(version 3.0.5) in IntelliJ IDEA. I want to hide my database credentials, username and password, in a good way then configure them in the application.properties.
Note: I am using Linux(Ubuntu) and you can assume that my credentials are correct.
As far as I know, a good way of handling this problem is setting up environment variables and configure them in the application.properties or whatever you are using to store your configuration properties.
Therefore, in the ./zhsrc file I set new environment variables: DB_USERNAME and DB_PASSWORD. After, I configured them in the .properties file. Here how it looks like:
click here to see the image.
However, it is like my environment variables are not recognized during the application running. I get this error:
2023-04-23 10:42:14 [main] ERROR com.zaxxer.hikari.pool.HikariPool - HikariPool-1 - Exception during pool initialization.
java.sql.SQLException: Access denied for user '${DB_USERNAME}'@'localhost' (using password: YES)
...
...
2023-04-23 10:42:14 [main] WARN o.h.e.j.e.i.JdbcEnvironmentInitiator - HHH000342: Could not obtain connection to query metadata
java.sql.SQLException: Access denied for user '${DB_USERNAME}'@'localhost' (using password: YES
I solved this problem using alternative way (I don't like it though). What I did is creating two script files (in the source root) named run_app.sh(this sets up the same environment variables temporarily every time during running the script) and stop_app.sh(this kills the process running on the 8080 port). If I don't have stop_app.sh, I can't run the application again, as it cannot be run on the same port. It was the way of killing the process on the 8080 port.
Why I don't want to run these scripts is that, if I want to write some tests I will face the same issue, then I have to create other scripts, specifically for my tests.
AGREE...Boring and long
How would you handle this problem?
