【SpringBoot 学习】48、SpringBoot 使用 jasypt 实现配置文件加密
原创
©著作权归作者所有:来自51CTO博客作者Tellsea的原创作品,请联系作者获取转载授权,否则将追究法律责任
文章目录
SpringBoot 使用 jasypt 实现配置文件加密
集成 jasypt-spring-boot-starter
项目父节点中节点引入相关 pom,然后把版本配置到中统一管理版本
<jasypt-spring-boot.version>2.1.1</jasypt-spring-boot.version>
<!-- 数据库账户加密 -->
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>${jasypt-spring-boot.version}</version>
</dependency>
对应的模块引入依赖,我是直接写在 ruoyi-common 模块,所以直接引入到对应的模块中即可
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
</dependency>
创建加密配置类
package com.ruoyi.extend.jasypt.config;
import org.jasypt.encryption.StringEncryptor;
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
/**
* jasypt 配置
*
* @author Tellsea
* @date 2021/03/01
*/
@Configuration
public class EncryptorConfig {
@Bean("jasyptStringEncryptor")
public StringEncryptor stringEncryptor() {
PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
SimpleStringPBEConfig config = new SimpleStringPBEConfig();
config.setPassword("ruoyi-vue-service");
config.setAlgorithm("PBEWithMD5AndDES");
config.setKeyObtentionIterations("1000");
config.setPoolSize("1");
config.setProviderName("SunJCE");
config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
config.setIvGeneratorClassName("org.jasypt.salt.NoOpIVGenerator");
config.setStringOutputType("base64");
encryptor.setConfig(config);
return encryptor;
}
}
创建秘钥生成测试类
package com.ruoyi.extend.jasypt;
import org.jasypt.util.text.BasicTextEncryptor;
/**
* Jasypt加密库
*
* @author Tellsea
* @date 2021/02/28
*/
public class JasyptTest {
public static void main(String[] arg) {
BasicTextEncryptor textEncryptor = new BasicTextEncryptor();
textEncryptor.setPassword("ruoyi-vue-service");
System.out.println("加密账号:" + textEncryptor.encrypt("root"));
System.out.println("加密密码:" + textEncryptor.encrypt("123456"));
System.out.println("加密账号:" + textEncryptor.encrypt("admin"));
System.out.println("加密密码:" + textEncryptor.encrypt("admin6666"));
}
}
生成之后的秘钥,直接放到配置文件中,并使用放入 ENC()中使用,例如生成的秘钥为
加密账号:c1gf7hbLLIANqMAAkHEvZg==
加密密码:J6s9Mim5PGqx1choUpymIA==
则使用时为
username: ENC(mztEjKO4+QQF7+lhgNXchg==)
password: ENC(Pn07sYDgGYKGv+nm4T8x3A==)