All, In IRC there was a short discussion about the merits of databasing properties normally placed in the /etc directory. The benefits of this would be security-related, by placing the sensitive configurable properties in a user-authenticated database, we would decrease the access to those files, instead of simply making them available. Below is the discussion: [10:25] <karafman> Do any of you place properties in a database table instead of in the /etc directory? [10:27] <kit> i'm doing something of the sort with Derby…not quite properties - but there's a lookup on service startup. trying to figure out if it is possible to tie-in to CM. [10:32] <karafman> I think there'd need to be a code-change, but I really like the idea of databasing properties. The additional security you'd get outweighs the effort needed to implement it (IMHO). [10:35] <karafman> I'll add a discussion topic on this to the Developers list. [10:36] <kit> cool. [10:36] <karafman> Once I get permission to post to the dev's list, I mean. :-) [10:37] <karafman> I'm thinking something like, if the /etc directory is missing, automatically connect to an internal derby or H2 implementation and fetch properties. [10:40] <karafman> Among those properties would be a database.cfg table containing connection information to different database which would hold service/application specific properties. [10:41] <kit> i don't know about not having /etc - but do think there could be a file there that points to the db config [10:42] <splatch> karafman: I don't think it is a good idea. For the Karaf it's a lot of work because we have Configuration Admin as OSGi service which reads properties from files [10:42] <splatch> if you would like to move your properties to database you might think about wrapping Configuration Admin service [10:42] <kit> @splatch but CA could read from DB too [10:42] <kit> right...:) [10:42] <kit> a remote db at that. [10:43] <splatch> that might be fancy stuff for configuration management [10:43] <splatch> in bigger deployments
----- Karafman Slayer of the JEE Pounder of the Perl Programmer -- View this message in context: http://karaf.922171.n3.nabble.com/databasing-etc-properties-tp2163277p2163277.html Sent from the Karaf - Dev mailing list archive at Nabble.com.
