cayenne-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Hull <mark.mkg...@gmail.com>
Subject Re: Redacting db user name and password from XML
Date Wed, 17 Jan 2018 18:37:36 GMT
Just to chime in on this topic, since my original question about 
user/password redaction I have done a lot of research and testing, and I 
decided to go with a modified version of Mike Kienenberger's 
DataSourceFactory. I also have a just plain Java application, btw. Since 
my needs were a bit different than his I streamlined the code a bit, and 
now I have a great resolution to my original quandary. By using the 
DataSourceFactory all implementation physical database properties are 
removed from the code (including the XML file),  the properties are 
provided at runtime, and the modeler still works great. I am including 
the code below in hopes that it may help you. Thanks to Mr. Kienenberger 
again for my ultimate solution. I note in passing that this method lets 
me change /which/ database I'm using at runtime as well, something I 
need to do but didn't mention earlier.

The DataSourceFactory class in the application is pretty simple. 
PurdahKeys is just a singleton POJO bean-like class:

public final class A1iciaDataSourceFactory implements DataSourceFactory {

     @Override
     public DataSource getDataSource(DataNodeDescriptor nodeDescriptor) 
throws Exception {
         MysqlConnectionPoolDataSource dataSource;
         PurdahKeys purdah;

         purdah = PurdahKeys.getInstance();
         dataSource = new MysqlConnectionPoolDataSource();
         dataSource.setUser(purdah.getDatabaseUser());
         dataSource.setPassword(purdah.getDatabasePassword());
         dataSource.setServerName(purdah.getDatabaseServer());
         dataSource.setPort(purdah.getDatabasePort());
         dataSource.setDatabaseName(purdah.getDatabaseName());
         dataSource.setUseSSL(purdah.getDatabaseUseSSL());
         return dataSource;
     }

}

The node definition in the XML file looks like:

     <node name="a1icia_datanode"
          factory="com.hulles.a1icia.cayenne.A1iciaDataSourceFactory"
  schema-update-strategy="org.apache.cayenne.access.dbsync.SkipSchemaUpdateStrategy">
         <map-ref name="a1icia_datamap"/>
         <data-source>
             <url value="announcement"/>
         </data-source>
      </node>

The <data-source> <url> property isn't really used anywhere in my code, 
but if I take it out I get an error from the modeler saying that there 
are no parameters, so I include it with a dummy value.

Again, I hope this helps someone. I should add that I'm using Cayenne 
4.1 M1.

-- Mark Hull



On 01/16/2018 03:22 PM, Pascal Robert wrote:
> Do -Dcayenne.jdbc.username really work? I’m trying to use that (so that the password
is not stored in Git), and the runtime is still using the login information from the XML file.
>
> Cayenne 4.1.M1.
> ServerRuntime mysqlRuntime = ServerRuntime.builder().addConfig("cayenne-mysql.xml").build();
>
>> Le 18 déc. 2017 à 11:49, Andrus Adamchik <andrus@objectstyle.org> a écrit
:
>>
>> Hi Mark,
>>
>> We've done quite a bit of work in Cayenne to avoid complex things like PasswordEncoding
or custom DataSourceFactories. If all that is needed is to change / define login credentials,
the simplest way is via properties [1]. [2] shows an example with a single DataNode. If you
have more than one, you will need to add the project name and the DataNode name to the base
property name. E.g.:
>>
>> export MY_USER=user
>> export MY_PASSWORD=secret
>>
>> java -Dcayenne.jdbc.username.project.mynode=$MY_USER \
>>      -Dcayenne.jdbc.password.project.mynode=$MY_PASSWORD \
>>      -jar myapp.jar
>>
>>
>> Hope this helps,
>> Andrus
>>
>> [1] http://cayenne.apache.org/docs/4.0/cayenne-guide/configuration-properties.html
>> [2] https://stackoverflow.com/questions/45781378/best-practice-to-manage-apache-cayenne-project-xml-file
>>
>>
>>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message