Does externalizing sensitive configuration variables in .properties outside Config.groovy provide a security advantage in Grails?

I understand that in Grails, by default, configuration variables are stored in Config.groovy and, after deployment, the properties are contained in the WAR. Obviously, this can cause problems if you need to change them without redistributing the application. However, I just read the following in the Grails AWS plugin docs:

"As recommended by Amazon, you can use the .properties file to process your private key and access this plugin."

...

"Sometimes you still don’t have access to the file system, but don’t want to store your credentials in your configuration file

(http://blanq.github.com/grails-aws/1.2.12.1/index.html)

Is there any security advantage to storing credentials outside Config.groovy? Maybe I missed something :/

+2
3 answers

There are several specific reasons why you do not want to include security information directly in the WAR.

  • You may be working with external developers or developers who should not have direct access to certain protected information.
  • Perhaps you are working with confidential data that only a select few should see, perhaps not even yourself.
  • You may not know the credentials ahead of time. This often happens in an environment where someone else is providing resources.
  • , WAR , .

, , .

+4
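An added example (not from the original answers or the plugin docs) of keeping credentials out of the WAR: a Config.groovy fragment that loads an external .properties file through `grails.config.locations` and refuses to start if other local users can read it. The `myapp.config.location` system property, the `/etc/myapp/config.properties` default path, and the Java 7+/POSIX filesystem requirement are assumptions.

```groovy
// Config.groovy fragment (Grails 1.x/2.x style). Added example, not project code.
import grails.util.Environment
import java.nio.file.Files
import java.nio.file.attribute.PosixFilePermission as P

// Assumption: operators may override the location per host with
//   -Dmyapp.config.location=/some/other/path.properties
def externalPath = System.getProperty('myapp.config.location') ?:
        '/etc/myapp/config.properties'
def externalFile = new File(externalPath)

if (!(grails.config.locations instanceof List)) {
    grails.config.locations = []
}

if (externalFile.isFile() && externalFile.canRead()) {
    // Credentials kept outside the WAR are only protected if the file
    // itself is restricted to the account that runs the container.
    def perms = Files.getPosixFilePermissions(externalFile.toPath())
    def tooOpen = perms.intersect([P.GROUP_WRITE, P.OTHERS_READ,
                                   P.OTHERS_WRITE, P.OTHERS_EXECUTE] as Set)
    if (tooOpen) {
        throw new IllegalStateException(
            "Refusing to load ${externalPath}: permissions too open " +
            "(${tooOpen.join(', ')}). Expected something like chmod 600 or 640.")
    }
    // Values in this file are merged over the ones packaged in the WAR.
    grails.config.locations << ("file:" + externalPath)
} else if (Environment.current == Environment.PRODUCTION) {
    // Fail closed: do not fall back to credentials baked into the WAR.
    throw new IllegalStateException(
        "External configuration ${externalPath} not found or not readable")
} else {
    // Development/test: run with the non-sensitive defaults in Config.groovy.
    println "External config ${externalPath} not found; using packaged defaults"
}
```

With this in place the WAR can be handed to developers or build systems without containing the credentials, and operations staff can rotate them by editing the external file and restarting the application.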

. , PayPal ( ). , - (/etc/myapp/config.properties), .

, " ", , , . , , , , ,

+1

, , , ..

- Grails . , .

0
