You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by "Romain Manni-Bucau (JIRA)" <ji...@apache.org> on 2018/04/30 14:29:00 UTC
[jira] [Commented] (TOMEE-2189) Allow for custom properties in
application context.xml
[ https://issues.apache.org/jira/browse/TOMEE-2189?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16458628#comment-16458628 ]
Romain Manni-Bucau commented on TOMEE-2189:
-------------------------------------------
Hi
it sounds more like a tomcat issue.
In tomee we already have some integration with dynamic properties using placeholders from system props (like tomcat) or the environment. We even have preconfigured templates for resources (like https://github.com/apache/tomee/blob/master/container/openejb-core/src/main/java/org/apache/openejb/resource/openshift/OpenshiftMySQLPropertiesProvider.java for openshift).
Romain
> Allow for custom properties in application context.xml
> ------------------------------------------------------
>
> Key: TOMEE-2189
> URL: https://issues.apache.org/jira/browse/TOMEE-2189
> Project: TomEE
> Issue Type: New Feature
> Components: TomEE Core Server
> Affects Versions: 7.0.4
> Environment: Docker, OpenShift instance.
> Reporter: Clinton A Lester
> Priority: Major
> Labels: easyfix
>
> Apologies in advance if this is a Tomcat vs TomEE issue. Please direct this appropriately if that is the case.
> Issue: Currently we are unable to easily extend the DataSourceFactory class to allow for additional custom properties in the context.xml. The reasoning is mostly that the ALL_PROPERTIES is final. Currently to achieve this we have override the
> getObjectInstance() method and essentially copied and pasted most of the method, only to add a small code snippet at the end to add addtional values to the properties object that is passed in to createDataSource().
> Java class:
> org.apache.tomcat.jdbc.pool.DataSourceFactory
>
> Use Case:
> Background: Our builds and deployments run in OpenShift on a docker instance. We have sourced the base image of TomEE which at build time is complied and a image spun up and then our code is deployed. This base image is the same for every service. In an effort to keep uniformity, we have need to specify multiple data sources in context.xml as well as securely provide the username, password, and database urls.
>
> Current approach: Rather than list the username, password, and url in the context.xml which is insecure, we provide them in the form of OpenShift "secrets" which are only accessible through the environment variable in OpenShift at deploy time. To do so we have extended DataSourceFactory to read them from files that we create and add them to the poolProperties. To take this further, for multiple datasources, we need multiple files. This requires us to pass in the file names at startup. To accomplish this we override getObjectInstace() as mentioned before.
>
> The request is to mitigate the need to copy/paste code by making the properties configurable or extend friendly.
>
> I have placed the priority as major, as we are vulnerable to constant patch updates with new releases, since we have copy/pasted the method within our extended class.
>
> Let me know if I can be more informative on our use case and why this feature would be a benefit to others seeking a configurable and secure way to provide credentials to the resources in TomEE server.
>
> Additionally I believe this change is small and simple enough, so I will apply the corresponding tags if available.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)