Spring配置文件敏感数据加密

配置文件敏感数据加密

1. 引入依赖

           <dependency>
               <groupId>com.github.ulisesbocchio</groupId>
               <artifactId>jasypt-spring-boot-starter</artifactId>
               <version>3.0.5</version>
           </dependency>
   
   

2. 启动项目指定加密盐：

   jasypt:
     encryptor:
       password: *****
   

3. 进行明文加密

   controller加密类

   package com.zhqc.cloud.wms.ob.controller;
   
   import groovy.util.logging.Slf4j;
   import org.jasypt.encryption.StringEncryptor;
   import org.slf4j.Logger;
   import org.slf4j.LoggerFactory;
   import org.springframework.web.bind.annotation.GetMapping;
   import org.springframework.web.bind.annotation.PathVariable;
   import org.springframework.web.bind.annotation.RequestMapping;
   import org.springframework.web.bind.annotation.RestController;
   
   import javax.annotation.Resource;
   
   /**
    * @author zdd
    */
   @RestController
   @RequestMapping("/encrypted")
   @Slf4j
   public class EncryptedController {
   
       private static final Logger log = LoggerFactory.getLogger(EncryptedController.class);
       @Resource
       private StringEncryptor stringEncryptor;
   
       @GetMapping("/encrypt/{str}")
       public void encrypted(@PathVariable("str") String str) {
           log.info("加密 password: ENC({})", stringEncryptor.encrypt(str));
       }
   
       @GetMapping("/decrypt/{str}")
       public void decrypted(@PathVariable("str") String str) {
           log.info("解密 password: {}", stringEncryptor.decrypt(str));
       }
   
   }
   

4. 解密后拼接标识，前缀：ENC( 后缀: )， 直接替换明文即可

例：ENC(aetSrrBEu3mQsauRI1wPL69j3I7mZal4ZK6XdA37YyhSYUogIXdRTVDEwHVXDt2E)