使用 Jasypt 加密 Spring Boot 配置中的项,例如数据库密码。
格式:xxx: ENC(密文)
1.添加Maven依赖
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>3.0.3</version>
</dependency>
2.配置application.yml文件
jasypt:
encryptor:
password: PassWord # 可自定义根密码
3.使用SpringBootTest生成密文
@Test
public void encryptPwd() {
// 生成url密文
System.out.println("url: ENC(" + stringEncryptor.encrypt("jdbc:mysql://localhost:3306/test") + ")");
// 生成username密文
System.out.println("username: ENC(" + stringEncryptor.encrypt("root") + ")");
// 生成password密文
System.out.println("password: ENC(" + stringEncryptor.encrypt("123456") + ")");
}
输出结果
url: ENC(XEEvwpQcn3IxOBYv/0+K4ZPqjwfWudpHtkXGGeapj2y0G4KG7L0paeXPdl20RYc4IJRjhQO4TsqFcfE7tGvgIpxLenhKDM53m+rVCfkJk4c=)
username: ENC(6TSzoI15jlr4xptlvpTZhYiyfbpmiugZTIqhCLVYEEdk80KXF1l616nmtktze/Wm)
password: ENC(hjID110dTtzKEpwjgVh/VKERL/lScX54VCG51gW+b7kyFMvRsoIuSETQ9RhpL5K6)
4.将生成的密文填入配置文件中
spring:
datasource:
url: ENC(XEEvwpQcn3IxOBYv/0+K4ZPqjwfWudpHtkXGGeapj2y0G4KG7L0paeXPdl20RYc4IJRjhQO4TsqFcfE7tGvgIpxLenhKDM53m+rVCfkJk4c=)
username: ENC(6TSzoI15jlr4xptlvpTZhYiyfbpmiugZTIqhCLVYEEdk80KXF1l616nmtktze/Wm)
password: ENC(hjID110dTtzKEpwjgVh/VKERL/lScX54VCG51gW+b7kyFMvRsoIuSETQ9RhpL5K6)
5.(密钥与配置分开保存)可通过配置启动环境来指定根密码
–jasypt.encryptor.password=PassWord