现公司要求配置文件不能出现明文敏感信息,现做信息加密,用的
是github大佬开源的加密资源,本项目用的是springboot
所引 jar
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.8.RELEASE</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
</dependency>
<!-- 加密 -->
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>1.17</version>
</dependency>
</dependencies>
配置私密盐
password可以随意更换,加密解密的时候需要内容一样,如果不添加的
话请求的时候会报错:Required Encryption configuration property missing: jasypt.encryptor.password
jasypt:
encryptor:
password: 123456
先写个加密方式,将所需要的明文转化成密文
@Autowired
private StringEncryptor stringEncrypor;
public String encrty(String encr) {
String encrypt = stringEncrypor.encrypt(encr);
//encrypt 就是加密之后的密文
return encrypt;
}
//解密,输入密文,可解析成明文
public String decrypt(String encr) {
String encrypt = stringEncrypor.decrypt(encr);
return encrypt;
}
通过上面的方法将明文转换成密文之后再配置文件里面进行配置
#密文在配置文件用ENC()配置即可
spring:
datasource:
type: com.alibaba.druid.pool.DruidDataSource
driver-class-name: com.mysql.jdbc.Driver
#driver-class-name: oracle.jdbc.driver.OracleDriver
username: root
password: ROOT
url: **ENC(LsAsIU2MLaENVAiqk47ZkQ351ZcYcgPfNb3e0Ei71KT0Yito+hM3yPsWcsLFY8d2DzuNMlpfWBwDWg84pFa78wFBUAY6vp6S)**
jpa:
properties:
hibernate:
show_sql: true
format_sql: true
dialect: org.hibernate.dialect.MySQL5Dialect
naming:
#jpa查sql将字段自动加下划线(org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl)
physical-strategy: org.hibernate.cfg.ImprovedNamingStrategy
ddl-auto: update
# create (自动创建表,要先创建类,每次都是先删再创建) update:如果表存在则不创建,只在第一次初始化时创建表
mvc:
view:
prefix: /WEB-INF/jsp/
suffix: .jsp