Encrypting passwords in Framework Framework in application.conf
I am using Play 2.1.x and I am wondering if there is a way to encrypt passwords that may be required to access the database? I have a config entry that stores the url of the database server, user credentials to access the database, and I don't want to leave my password in plain text. How can I encrypt my user credentials? I want to not be encrypted later when I use them in the context of my replay server. Any pointers?
source to share
The problem is where to store the decryption key. If you store it in the same (or similar) configuration file, the whole exercise is moot.
I am assuming that you do not want to enter the plain text password in application.conf to avoid it appearing in source control. One way to mitigate such a leak is to have a different repository for sensitive configuration files for production systems (a different repository with fewer accessories works well).
source to share