1、pom文件添加依赖
<!-- 配置文件密码加密工具 -->
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>3.0.4</version>
</dependency>
2、application.yml文件添加
#加密所需的salt(盐)
jasypt:
encryptor:
password: AD42F6697B035B7580E4FEF93BE20BAD
#加密算法设置3.0.0以后
algorithm: PBEWithMD5AndDES
iv-generator-classname: org.jasypt.iv.NoIvGenerator
3、添加测试类JasyptTest.java
package myboot;
import org.jasypt.util.text.BasicTextEncryptor;
public class JasyptTest {
public static void main(String[] args) {
BasicTextEncryptor textEncryptor = new BasicTextEncryptor();
// 加密所需的salt(盐)
textEncryptor.setPassword("AD42F6697B035B7580E4FEF93BE20BAD");
String str1 = "654321"; // 数据库
String str2 = "123456"; // 邮箱
System.out.println(textEncryptor.encrypt(str1));
System.out.println(textEncryptor.encrypt(str2));
}
}
执行结果:
TSNRe9Ou+hxupLlQ3me15Q==
EBfyncD8izHWW8+8dFKPmw==
每次执行加密结果不同,但是都可以解密出明文
4、将配置文件中password后的值改成ENC(xxxxxxxxxx)
例如:
#定义数据源
#参考 https://github.com/alibaba/druid/wiki/DruidDataSource%E9%85%8D%E7%BD%AE
spring:
datasource:
druid:
driver-class-name: com.mysql.cj.jdbc.Driver
type: com.alibaba.druid.pool.DruidDataSource
url: jdbc:mysql://localhost:3306/webapp2?serverTimezone=UTC
username: user2
#654321
password: ENC(TSNRe9Ou+hxupLlQ3me15Q==)
#配置监控统计拦截的filters
filters: stat,wall,slf4j
max-active: 20
initial-size: 1
max-wait: 60000
min-idle: 1
time-between-eviction-runs-millis: 60000
min-evictable-idle-time-millis: 300000
test-while-idle: true
test-on-borrow: false
test-on-return: false
pool-prepared-statements: true
max-open-prepared-statements: 20
async-init: true
filter:
slf4j:
enabled: true
statement-create-after-log-enabled: false
statement-close-after-log-enabled: false
result-set-open-after-log-enabled: false
result-set-close-after-log-enabled: false
#邮件发送
mail:
username: xxx@xxx.com
#123456
password: ENC(EBfyncD8izHWW8+8dFKPmw==)
host: smtp.exmail.qq.com
port: 465
properties:
mail:
transport:
protocol: smtp
smtp:
socketFactory:
class: javax.net.ssl.SSLSocketFactory
port: ${spring.mail.port}
auth: true
starttls:
enable: true
required: true
参考资料:
https://blog.csdn.net/qq_37143673/article/details/107563064/
注:最新代码上传至https://github.com/csj50/myboot