[英]PostgreSQL secure connection in standalone java application
I'm creating standalone application (GUI-based on Swing). 我正在创建独立的应用程序(基于Swing的GUI)。 It will be like password holder (eg login / passwords for user specified sites) 就像密码持有人一样(例如,用户指定站点的登录名/密码)
It connects to remote psql database. 它连接到远程psql数据库。 And connection to the database stores in db.properties files. 与数据库的连接存储在db.properties文件中。
What I would like: 我想要的是:
I recommend storing the DB credentials in an environment variable and having the source code read in the value. 我建议将数据库凭证存储在环境变量中,并在值中读取源代码。
This prevents having to store the credentials in source control or binaries but allows you to easily provision/change your secrets. 这样可以避免将凭据存储在源代码管理或二进制文件中,但可以轻松配置/更改机密。
This has become a best practice included in "12 factor apps" and models the way Heroku and other hosting services manage application level config. 这已成为“ 12要素应用程序”中包括的最佳实践,并模拟了Heroku和其他托管服务管理应用程序级别配置的方式。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.