Apache Cayenne keeps a "...project.xml" file within the resources directory. This file contains the password to the database. This is a problem because the [deployment server] password should not visible to developers. Further, it would need to be a different user/password and connection to a different database during development.
What is the best practice to manage this "...project.xml" when using Cayenne? Any suggestions?
EDIT:
Instead of putting the database connection info (incl. password) into the XML file, is it possible to inject the info programatically into the DataSource object? If so, I can load the info from a config file when the app starts and then inject it.
Yes of course. There is a "cayenne.jdbc.password" property that can be used to define DataSource password in runtime. It can be applied in two alternative ways:
As a system property on command line:
java -Dcayenne.jdbc.password=xxxxx
Via injection:
ServerModule.contributeProperties(binder)
.put(Constants.JDBC_PASSWORD_PROPERTY, "xxxxx");
This and other config properties are documented here.