Ask questions and see you at November, 1st, 6.PM. CET: http://www.ustream.tv/channel/adambien
Also checkout recent episode:
Please keep the questions Java EE-stic. Means: as short and as concise as only possible. Feel free to ask several, shorter questions.
Hi Adam.
Last time I asked about how to pass secret data in quarkus without checking in the secret to git.
Of course I know the often propagated way to use system or environment properties.
BUT: In my eyes it is not “production ready” when you write a DB password or sth like that to an environment variable.
By printing “env” someone (hacker, sysadmin, technican from outside the team) has the most easiest way to get my DB password. Often some servers also print out the vars in the log.
So I think, this is not a good way, especially to meet the requirements of security compliances of a company.
What is your opinion about that?
As we use payara as application server, there is a way to store these secrets as a domain password alias and reference it with simple Injections.
So my question last time was: Is there a way in quarkus to store and read a password safely not using system or environment vars.
Thanks.
Best regards from Hamburg.
Bastian