0

In application.properties I want to store these data:

```properties
spring.mail.host=smtp.gmail.com
spring.mail.port=587
spring.mail.username=my-email
spring.mail.password=my-email-password
spring.mail.properties.mail.smtp.auth=true
spring.mail.properties.mail.smtp.starttls.enable=true
```

Since my Git repository is public, I don't want anybody to see my email and password.

Since I am on Windows 11, Environment Variables are an option. But once I open this window, everybody sitting next to me can see my password since it is just plain text.

I want my password to be secure, even if it is stored on my own computer only.

So instead of environment variables, I think it is a better approach to store the details in Credential Manager on Windows. I am using the dependency spring-cloud-starter-vault-config, version 4.0.0.

In Credential Manager I have added a generic credential and called it Gmail. And this is what I have tried in application.yml:

```yaml
spring:
  cloud:
    vault:
      uri: vault://wincred/Gmail
  mail:
    host: smtp.gmail.com
    port: 587
    username: ${vault.generic.Gmail.username}
    password: ${vault.generic.Gmail.password}
    properties:
      mail:
        smtp:
          auth: true
          starttls:
            enable: true   # binds to mail.smtp.starttls.enable
```

But I get these exceptions:

Caused by: java.lang.IllegalArgumentException: Can't retrieve default port from vault://wincred/Gmail

Caused by: java.net.MalformedURLException: unknown protocol: vault

Is what I am trying out even possible?

xRay
  • First sentence in the docs: `Spring Cloud Vault Config provides client-side support for externalized configuration in a distributed system. With HashiCorp’s Vault` https://cloud.spring.io/spring-cloud-vault/reference/html/ – Toerktumlare Mar 17 '23 at 20:49

2 Answers

2

Not possible. Windows Credential Manager has no connection to HashiCorp Vault.

John Williams
1

Credential Manager is really designed for managing credentials used by internal operating system features, such as the Multiple Provider Router.

Windows does provide a set of Cryptographic APIs, including the Data Protection API, which is designed for the secure storage of arbitrary information using a cryptographic key derived from the user's logon password.

David Jones
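One way to apply the Data Protection API route from the last answer to the `spring.mail.*` settings in the question, as an added example that is not part of the original posts. On Windows, `Export-Clixml` encrypts the password of a credential object with DPAPI for the current user; the file location, function names and jar path are assumptions, and `spring.mail.username` / `spring.mail.password` are left out of the committed configuration so that Spring Boot binds them from `SPRING_MAIL_USERNAME` / `SPRING_MAIL_PASSWORD`.

```powershell
# Added example. Path, function names and jar name are hypothetical.
# The credential file lives outside the Git working tree.
$CredFile = Join-Path $env:LOCALAPPDATA 'myapp\gmail-cred.xml'

function Save-MailCredential {
    # Run once. Get-Credential prompts with a masked password field;
    # Export-Clixml writes the password DPAPI-encrypted (current user scope).
    New-Item -ItemType Directory -Force -Path (Split-Path $CredFile) | Out-Null
    Get-Credential -Message 'Gmail SMTP login' | Export-Clixml -Path $CredFile
}

function Start-AppWithMailCredential {
    param([string]$Jar = 'target\app.jar')

    if (-not (Test-Path $CredFile)) {
        throw "No stored credential at $CredFile. Run Save-MailCredential first."
    }

    # Import-Clixml decrypts only for the user and machine that created the file.
    $cred = Import-Clixml -Path $CredFile

    # $env: assignments are process-scoped: inherited by the java child process,
    # never written to the persisted user/system variables shown in the
    # Environment Variables dialog.
    $env:SPRING_MAIL_USERNAME = $cred.UserName
    $env:SPRING_MAIL_PASSWORD = $cred.GetNetworkCredential().Password
    try {
        & java -jar $Jar
    }
    finally {
        # Drop the plaintext from this shell once the application exits.
        Remove-Item Env:SPRING_MAIL_USERNAME, Env:SPRING_MAIL_PASSWORD -ErrorAction SilentlyContinue
    }
}
```

The file cannot be decrypted by other accounts or on another machine, but any process running as the same Windows user can decrypt it, and the variables are readable from the running `java` process's environment by that user or an administrator.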