SpringBoot使用Jasypt加密配置文件全过程

最新推荐文章于 2024-04-16 09:26:21 发布

Windyº

最新推荐文章于 2024-04-16 09:26:21 发布

阅读量318

点赞数

分类专栏：积沙成塔文章标签： spring boot

本文链接：https://blog.csdn.net/weixin_42096792/article/details/116098284

版权

积沙成塔专栏收录该内容

40 篇文章 4 订阅

订阅专栏

文章目录

1.创建SpringBoot 导入SQL文件
2. 导入Jasypt依赖
3. 配置Jasypt
4. 编写测试类启动类开启加密注解
5. 使用生成的密码替换明文密码
6. 启动项目测试

1.创建SpringBoot 导入SQL文件

所需依赖

<dependency>
   <groupId>org.springframework.boot</groupId>
   <artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-jdbc</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
    <groupId>mysql</groupId>
    <artifactId>mysql-connector-java</artifactId>
    <scope>runtime</scope>
</dependency>
<dependency>
    <groupId>org.projectlombok</groupId>
    <artifactId>lombok</artifactId>
    <optional>true</optional>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-test</artifactId>
    <scope>test</scope>
</dependency>

编写Controller、Service、Dao、Entity

使用Jpa做的ORM映射，在码云上有再不复制粘贴了仓库地址

-- MySQL dump 10.13  Distrib 5.7.21, for Win64 (x86_64)
--
-- Host: 127.0.0.1    Database: jasypt
-- ------------------------------------------------------
-- Server version	5.7.21-log

/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
/*!40103 SET TIME_ZONE='+00:00' */;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;

--
-- Table structure for table `jasypt_demo`
--

DROP TABLE IF EXISTS `jasypt_demo`;
/*!40101 SET @saved_cs_client     = @@character_set_client */;
/*!40101 SET character_set_client = utf8 */;
CREATE TABLE `jasypt_demo` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(64) DEFAULT NULL COMMENT '姓名',
  `age` int(11) DEFAULT NULL COMMENT '年龄',
  PRIMARY KEY (`id`),
  UNIQUE KEY `jasypt_demo_id_uindex` (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=8 DEFAULT CHARSET=utf8 COMMENT='Jasypt示例表';
/*!40101 SET character_set_client = @saved_cs_client */;

--
-- Dumping data for table `jasypt_demo`
--

LOCK TABLES `jasypt_demo` WRITE;
/*!40000 ALTER TABLE `jasypt_demo` DISABLE KEYS */;
INSERT INTO `jasypt_demo` VALUES (1,'张三',23),(2,'李四',24),(3,'王五',25),(4,'赵六',26),(5,'田七',27),(6,'网八',28),(7,'老九',29);
/*!40000 ALTER TABLE `jasypt_demo` ENABLE KEYS */;
UNLOCK TABLES;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;

/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;

-- Dump completed on 2021-04-24 17:57:22

2. 导入Jasypt依赖

<!--jasypt配置文件加密-->
<!-- https://mvnrepository.com/artifact/com.github.ulisesbocchio/jasypt-spring-boot-starter -->
<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>2.1.2</version>
</dependency>

3. 配置Jasypt

在 application.yml 中配置秘钥

jasypt:
  encryptor:
    password: HelloJasypt~~~  # 你的秘钥

4. 编写测试类启动类开启加密注解

用于生成加密后的密码

package com.wind.test;

import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.EnvironmentPBEConfig;
import org.junit.jupiter.api.Test;

public class JasyptTest {

    /**
     * 加密
     */
    @Test
    public void testEncrypt() {
        StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
        EnvironmentPBEConfig config = new EnvironmentPBEConfig();

        config.setAlgorithm("PBEWithMD5AndDES");            // 加密的算法，这个算法是默认的
        config.setPassword("HelloJasypt~~~");               // 加密的密钥，随便自己填写，很重要千万不要告诉别人
        standardPBEStringEncryptor.setConfig(config);
        String plainText = "root";                        // 需要加密的密码
        String encryptedText = standardPBEStringEncryptor.encrypt(plainText);
        System.out.println(encryptedText);
    }

    /**
     * 解密
     */
    @Test
    public void testDe() {
        StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
        EnvironmentPBEConfig config = new EnvironmentPBEConfig();

        config.setAlgorithm("PBEWithMD5AndDES");
        config.setPassword("HelloJasypt~~~");
        standardPBEStringEncryptor.setConfig(config);
        String encryptedText = "gdmJVN79WGmilI7sHi6ScQ==";   //加密后的密码
        String plainText = standardPBEStringEncryptor.decrypt(encryptedText);
        System.out.println(plainText);
    }

}

开启加密注解

package com.wind;

import com.ulisesbocchio.jasyptspringboot.annotation.EnableEncryptableProperties;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

/**
 * 启动类
 *
 * @author Windy
 * @date 2021-04-24
 */
@EnableEncryptableProperties //开启加密注解
@SpringBootApplication
public class SpringBootJasyptDemoApplication {

    public static void main(String[] args) {
        SpringApplication.run(SpringBootJasyptDemoApplication.class, args);
    }

}

5. 使用生成的密码替换明文密码

spring:
  datasource:
    type: org.springframework.jdbc.datasource.DriverManagerDataSource
    url: jdbc:mysql://127.0.0.1:3307/jasypt
    username: root
    password: ENC(gdmJVN79WGmilI7sHi6ScQ==) # 加密后的密码