New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Application secret from env variable does not work #12555
Comments
This is expected behaviour, see my explanation in #10972 (comment). Maybe you misunderstood what Anyway, you say that when you remove the (second) line |
I found the issue. APPLICATION_SECRET was not set but there was a strange character in that line after the variable that apparantly caused the issue. (see diff below) Thanks for your quick response anyway.
|
Perfect, glad you found the problem!
You are welcome! Have a nice time coding with Play 😉 |
The documentation states
But if this is set in the application.conf an exception is thrown, complaining that the entropy of the secret is too low pointing to the second line, even if there is no such environment variable set.
This is also the case if the first line contains a secret with sufficient entropy.
Play Version
3.0.2
API
Scala 3.3.1
Operating System
22.04.1-Ubuntu
JDK
Expected Behavior
The secret from the first line (
play.http.secret.key=<actual secret with sufficient entropy>
) in the config should be used.Actual Behavior
The second line (
play.http.secret.key=${?APPLICATION_SECRET}
) is used resulting in a secret with insuffcient entropy.Commenting out the second line makes the applicaton work.
And I checked the relevant environment variables with
sbt show run / envVars
and the returned map was empty.The text was updated successfully, but these errors were encountered: