编程知识 cdmana.com

Springboot jasypt encrypts database account and password information

One 、 Preface

Consider security , When the project is deployed , The database account password in the configuration file cannot be plaintext , So consider encryption

1、Jasypt encryption

2、alibaba.druid encryption

So here I'm going to use theta jasypt, Don't talk much , Start configuration

Two 、 To configure

1、maven quote

Jasypt Refer to the maven To configure : So here I'm going to use theta jasypt1.9.2 Version of , You can consider a higher version of the configuration

		<dependency>
			<groupId>com.github.ulisesbocchio</groupId>
			<artifactId>jasypt-spring-boot-starter</artifactId>
			<version>2.1.0</version>
		</dependency>
		<dependency>
			<groupId>com.github.ulisesbocchio</groupId>
			<artifactId>jasypt-spring-boot</artifactId>
			<version>2.1.0</version>
		</dependency>
		<dependency>
			<groupId>org.jasypt</groupId>
			<artifactId>jasypt</artifactId>
			<version>1.9.2</version>
		</dependency>

in addition jasypt 1.9.2 The best match springboot The version is 2.3.3 above

2、 Encrypted character generation

find maven In the local warehouse jasypt -1.9.2.jar The catalog of , And open cmd Environmental Science , Execute the following command :

java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI input="123456" password=sb01 algorithm=PBEWithMD5AndDES

Command parsing :

  • input The value of is the original password .
  • password The value of is the parameter jasypt.encryptor.password The specified value , The secret key . It's up to you
  • algorithm It's encryption , Fixed value

Bear in mind , There should be no spaces before and after the command !, Otherwise it will be reported :java.security.NoSuchAlgorithmException: PBEWithMD5AndDES? SecretKeyFactory not available

The results of correct execution are as follows :

3、 Use

  1. Add configuration properties jasypt.encryptor.password = XXX, This is the secret key to encryption , What I ordered here is sb01;
  2. Replace all plaintext passwords with ENC( Encrypted string ), for example ENC(w+OxT6QlB18LAo9pR2t6zA==);

Complete the above configuration !

Be careful :

1、 If you don't use @SpringBootApplication or @EnableAutoConfiguration annotation , You need to In your startup class

  • Application.java Add notes on @EnableEncryptableProperties;

Participation of this paper Tencent cloud media sharing plan , You are welcome to join us , share .

版权声明
本文为[The blank of writing memory]所创,转载请带上原文链接,感谢
https://cdmana.com/2020/12/20201224104023999M.html

Scroll to Top