Hello,
I am currently testing your SAML addon and I would like to relocate the configuration from the web.app.properties to the database (interface SamlConfig).
Is this possible and what should I do?
Best regards
Andreas
Hi Andreas,
Unfortunately it’s impossible in the current version of the add-on because the config interface is annotated with @Source(type = SourceType.APP) which means that properties are loaded only from files.
Please create an issue at Issues · cuba-platform/saml-addon · GitHub for this problem.
Hi @Andreas.Brueck,
These properties are security related and we never let such information to be stored in DB as plaint text. The reason is simple - storing them in file system is much more secured and not prone to sql injections and other possible attacks.
Regards,
Aleksey
Hi,
Is this really true? I mean from what I see, it is more configuration of a security domain or am I mistaken?
Bye
Mario
Yes, this is true. See SAML or LDAP addon. Regarding S3, you are right, this is mistakenly stored in the DB. We will probably move it with the next major update.
it was more a joke 
But seriously, I can remember when doing the storage in the DB it is still possible to override it by web-app.properties. This means that it would be up to the user to decide based on their use-case.
I see your point when it comes to security, but I would assume different environments have different security requirements, therefore it might be ok to have it in the DB in some scenarios.
Bye
Mario
Good point.
Not sure. You may need some properties before the database becomes available, e.g. when the web tier is starting, or properties specific to this server instance.