Spring Boot加密应用配置文件敏感信息(jasypt)

Spring Boot加密应用配置文件敏感信息(jasypt)

2019年01月26日 10:27:24 浪丶荡 阅读数：198

版权声明：一家之言，看完就忘了吧 https://blog.csdn.net/leisure_life/article/details/86654750

maven依赖

<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>1.16</version>
</dependency>

yml文件加上配置加解密salt

jasypt:
  encryptor:
    password: passwd #根密码

注：这样写就如同你给门上了锁，但钥匙插在锁孔里！

开发为了方便可以如此，部署时不能这么做，请移步：使用Jasypt对SpringBoot配置文件加密（部署时操作）

使用测试类生成密文

package com.zubus.commonBiz;

import org.jasypt.encryption.StringEncryptor;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.junit4.SpringRunner;

import lombok.extern.log4j.Log4j2;

@RunWith(SpringRunner.class)
@SpringBootTest
@Log4j2
public class CommonBizApplicationTests {

    @Autowired
    StringEncryptor stringEncryptor;

    @Test
    public void encryptPwd() {
        String mysql_userName = stringEncryptor.encrypt("root");
        String mysql_pw = stringEncryptor.encrypt("Hy@12345");
        String appid = stringEncryptor.encrypt("wx8e5629e59b406c1a");
        String secret = stringEncryptor.encrypt("a2dbfb1643396818374e1d424102ec5b");
        String mysql_url = stringEncryptor.encrypt("jdbc:mysql://11.107.23.176/database");
        System.out.println("mysql_userName："+mysql_userName);
        System.out.println("mysql_pw："+mysql_pw);
        System.out.println("appid："+appid);
        System.out.println("secret："+secret);
        System.out.println("mysql_url："+mysql_url);
    }

}

在配置文件中使用密文
ENC(密文)

spring:
  datasource:
    common-biz:
      jdbc-url: ENC(gbSChEP7H3NBfCWsT24DuK6NO1cAVSKRABOmpv82k1keGdwoRCjWvJnwIZ94nLzvu9Ix7M=)
      username: ENC(pCe0TYU7AhdLwXHz4sQUHdw==)
      password: ENC(vXt/1zCHA4v2MSxfIaDaUOo6H3+DhSqID)