/
application.properties
70 lines (48 loc) · 1.95 KB
/
application.properties
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
spring.mvc.view.prefix:/WEB-INF/jsp/
spring.mvc.view.suffix:.jsp
# DataSource settings: set here your own configurations for the database
# connection. In this example we have "netgloo_blog" as database name and
# "root" as username and password.
spring.datasource.url = jdbc:mysql://to_be_replaced/tobereplaced
spring.datasource.username = userdb
spring.datasource.password = admindentist
# Keep the connection alive if idle for a long time (needed in production)
spring.datasource.testWhileIdle = true
spring.datasource.validationQuery = SELECT 1
# Show or not log for each sql query
spring.jpa.show-sql = true
# Hibernate ddl auto (create, create-drop, update)
spring.jpa.hibernate.ddl-auto = update
#other
server.servlet.session.cookie.secure= false
logging.level.org.springframework.web=DEBUG
# Naming strategy
spring.jpa.hibernate.naming-strategy = org.hibernate.cfg.ImprovedNamingStrategy
# Use spring.jpa.properties.* for Hibernate native properties (the prefix is
# stripped before adding them to the entity manager)
# The SQL dialect makes Hibernate generate better SQL for the chosen database
spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.MySQL5Dialect
# the sql injection configuration
security.SQLI = false
#Sec Cookie usage
security.use-cookie = Base64
#Sec Cookie Param
security.cook-param = True
#Sec SessFix
security.sess-fix = No
# Turn Reset-all-password-of-database on or off
security.reset-password= True
#Sec XSS protection
security.xss-protection=No
# 3 types to store password in db
# Clear: Clear text
# Hashed: use SHA256
# SaltHashed: use SHA256 with Salt string
# PBKDF2
security.pwd-storage= Hashed
#key recapchart for prevent brute force username and password
google.recaptcha.key-site=6LfcKGcUAAAAAGeQnwfHGMakB4Eka9NfmftZ4UVs
google.recaptcha.key-secret=6LfcKGcUAAAAAKKvM8axm7rVkLV3lrZAg294FKTK
google.recaptcha.u-r-i=https://www.google.com/recaptcha/api/siteverify
security.pwbruteforce=False
security.csrfProtection=SameSite