Configuration Files
Be careful in defining configuration information using double quotes, because if the value you are attempting to assign contains a dollar sign ($), grails will see that as a variable and attempt to substitute the letters/words following the dollar sign with variable information for those letters/words. While this situation probably only presents itself with passwords, I always use single quotes defining information in the configuration files, unless I explicitly want to inject variable data into a configuration attribute, so there is no confusion.
For example, the following error-causing configuration
datasource {
...
password = "Thi$i$Secure"
...
}
would probably result in password = 'Thi', unless you defined an i or Secure variable somewhere else in the configuration file, in which case, you would assign the result of evaluating that information too.Instead, I would suggest that you always specify your configuration information in single quotes
datasource {
...
password = 'Thi$i$Secure'
...
}
For sake of completeness, you could alternatively escape the dollar sign ($)
datasource {
...
password = "Thi\$i\$Secure"
...
}
however, this leaves the possibility for errors that may not be easy to spot. Especially, if you have an externalized config and this error arises in production.
No comments:
Post a Comment