Spring Boot加密應用配置檔案敏感資訊(jasypt)

浪丶蕩發表於2019-01-26

maven依賴

<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>1.16</version>
</dependency>

yml檔案加上配置加解密salt

jasypt:
  encryptor:
    password: passwd #根密碼

注:這樣寫就如同你給門上了鎖,但鑰匙插在鎖孔裡!

開發為了方便可以如此,部署時不能這麼做,請移步:使用Jasypt對SpringBoot配置檔案加密(部署時操作)


使用測試類生成密文
package com.zubus.commonBiz;

import org.jasypt.encryption.StringEncryptor;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.junit4.SpringRunner;

import lombok.extern.log4j.Log4j2;

@RunWith(SpringRunner.class)
@SpringBootTest
@Log4j2
public class CommonBizApplicationTests {

    @Autowired
    StringEncryptor stringEncryptor;

    @Test
    public void encryptPwd() {
        String mysql_userName = stringEncryptor.encrypt("root");
        String mysql_pw = stringEncryptor.encrypt("Hy@12345");
        String appid = stringEncryptor.encrypt("wx8e5629e59b406c1a");
        String secret = stringEncryptor.encrypt("a2dbfb1643396818374e1d424102ec5b");
        String mysql_url = stringEncryptor.encrypt("jdbc:mysql://11.107.23.176/database");
        System.out.println("mysql_userName:"+mysql_userName);
        System.out.println("mysql_pw:"+mysql_pw);
        System.out.println("appid:"+appid);
        System.out.println("secret:"+secret);
        System.out.println("mysql_url:"+mysql_url);
    }

}

在配置檔案中使用密文
ENC(密文)

spring:
  datasource:
    common-biz:
      jdbc-url: ENC(gbSChEP7H3NBfCWsT24DuK6NO1cAVSKRABOmpv82k1keGdwoRCjWvJnwIZ94nLzvu9Ix7M=)
      username: ENC(pCe0TYU7AhdLwXHz4sQUHdw==)
      password: ENC(vXt/1zCHA4v2MSxfIaDaUOo6H3+DhSqID)

相關文章