0

I've been reading a bit about how to provide application properties to my jee project for some time ago.

By aplication properties I mean for example where the database is located, or the user or password...

There are several ways to achive that:

  1. Using a project .properties file. Problems:
    • critical information (user, password, API keys... are in this file),
    • this information can change according the target machine (I could set up a machine with a mysql using a user1 and by other hand I could set up a machine with a mysql using user2). The content of this file shouldn't be maintained on source code.
  2. Using OS environment variables.
    • There are some peaple that prefers this way to provide properties. Nevertheless, I think it's not quite a safer way to achieve that. Anyone get access on the machine is going to be able to read the content of these environment variables.
  3. I've also read that it's able to use web.xml but I don't quite know how could I get my goal.

Is there any best practices guide for getting this?

Jordi
  • 15,016
  • 25
  • 94
  • 208

1 Answers1

0

I think the third point of your post can be considered as a best practice. You can control the settings in web.xml and using different once for different environments. To achieve that, you can pass the properties file in and read from it at runtime.

<context-param>
    <param-name>propertiesFile</param-name>
    <param-value>propertyFile.properties</param-value>
</context-param>

You can then load the property at runtime :

Properties properties = new Properties();
GenericServlet myServlet = ...;
String propertyFileName = myServlet.getInitParameter("propertiesFile");
properties.load(getClass().getClassLoader().getResourceAsStream(propertyFileName));
Object myProperty = properties.get("myProperty");
Maximilien Belinga
  • 2,806
  • 2
  • 20
  • 36
  • The problem appears here is that any developer is going to be able to get access to this information... isn't it? – Jordi Mar 08 '17 at 07:26