This week's book giveaways are in the Refactoring and Agile forums.
We're giving away four copies each of Re-engineering Legacy Software and Docker in Action and have the authors on-line!
See this thread and this one for details.
Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Agile forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Correct place to store the DB credentials

 
Maneesh Godbole
Saloon Keeper
Posts: 11021
12
Android Eclipse IDE Google Web Toolkit Java Mac Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I got one servlet based application, which connects to a DB among other things.
Right now I am hardcoding the DB credentials.

We will soon be shifting to Beta phase, where the application will be test deployed at multiple client sites. Obviously the DB credentials need to be changed for every site.
I was wondering if the web.xml is the correct place to put these credentials? This would certainly avoid me the hassle of rebuilding it every time, but I am not really comfortable with the credentials lying out in a human readable format.
I am being paranoid over this, considering that the web.xml is not accessible to the public?
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64623
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
As we're using Hibernate, the credentials never appear at he UI layer, but in other situations I've tended to put then in external properties files.
 
Maneesh Godbole
Saloon Keeper
Posts: 11021
12
Android Eclipse IDE Google Web Toolkit Java Mac Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hibernate is not applicable in my scenario.

Any particular reason for the properties file instead of the web.xml? Are there any problems if they are in the web.xml?
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'd second putting stuff into properties files instead of web.xml. DB configuration has nothing to do with web setup (which is what web.xml is about).

These days, the only parameter I keep in web.xml is the name of the properties file that has all the configuration data.
 
Maneesh Godbole
Saloon Keeper
Posts: 11021
12
Android Eclipse IDE Google Web Toolkit Java Mac Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ok.
Thanks Bear, Ulf for the input.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic