
Restrict variable substitution in typesafe config


Using typesafe config it is both possible to perform variable substitution and outright overriding of both keys and values:

config {
 substitution.required = ${VAR}
 should.not.override = "should not be overridden"
}

java -Dconfig.should.not.override="This is a security risk" -jar executable.jar

The ability to do variable substitution allows me to externalize configuration that should be externalized such as database URLs, which will be different depending on the deployment environment (staging, qa, prod).

However the ability to outright override anything is something of a security risk, should a potential hacker re-launch the application with nefarious configuration.

Is it possible to allow variable substitution but suppress total overriding?


Solution

  • You can look at the overrides provided via the command line with ConfigFactory.defaultOverrides(), and check that it does not contain anything forbidden before calling ConfigFactory.load().

    Another option is to build a Config object yourself with ConfigFactory.load(String resourceBasename) and not merge the command line overrides into it.
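Both options from the answer, sketched as an added example that is not part of the original answer or of the library's own code. The class name, the `config` root and the allowlist are assumptions taken from the question's sample; option 2 uses `parseResourcesAnySyntax(...).resolve()` so that no system properties are merged at all.

```java
import com.typesafe.config.Config;
import com.typesafe.config.ConfigFactory;
import com.typesafe.config.ConfigValue;
import java.util.Map;
import java.util.Set;

public final class GuardedConfig {
    // Assumed policy for this example: application settings live under "config",
    // and only the paths listed here may be supplied as -D system properties.
    private static final String APP_ROOT = "config";
    private static final Set<String> ALLOWED_OVERRIDES =
            Set.of("config.substitution.required");

    /** Option 1: inspect the -D overrides first, then load as usual. */
    static Config loadWithCheckedOverrides() {
        // defaultOverrides() is the JVM's system properties parsed as a Config.
        Config overrides = ConfigFactory.defaultOverrides();
        for (Map.Entry<String, ConfigValue> e : overrides.entrySet()) {
            String path = e.getKey();
            // Also catches a parent path (e.g. -Dconfig.should=x), which would
            // otherwise replace the whole object beneath it.
            boolean inAppTree = path.equals(APP_ROOT) || path.startsWith(APP_ROOT + ".");
            if (inAppTree && !ALLOWED_OVERRIDES.contains(path)) {
                throw new IllegalStateException(
                        "Refusing system-property override of " + path);
            }
        }
        return ConfigFactory.load();
    }

    /**
     * Option 2: parse application.{conf,json,properties} only and never merge
     * system properties. resolve() still fills ${VAR} from the process
     * environment and fails if VAR is unset. reference.conf files from
     * libraries are not included in this variant.
     */
    static Config loadWithoutOverrides() {
        return ConfigFactory.parseResourcesAnySyntax("application").resolve();
    }

    public static void main(String[] args) {
        Config cfg = loadWithCheckedOverrides();
        System.out.println(cfg.getString("config.should.not.override"));
    }
}
```

With option 1, launching with `-Dconfig.should.not.override=...` fails at startup instead of silently replacing the value from the file.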