Basic info can be configured in applicaiton.yml, like username, pasword, etc. The plaintext of password is not safe. Jasypt help encrypt the sensitive information.
pom dependecny
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>2.1.1</version>
</dependency>config application.yml
spring:
datasource:
druid:
driver-class-name: com.mysql.jdbc.Driver
url: jdbc:mysql://localhost:3306/test
username: root
password: ENC(imOyX+iTLUZG1EwmTdHAVS/CX7PK/y7o)
ENC(imOyX+iTLUZG1EwmTdHAVS/CX7PK/y7o) is encrypted with salt by Jasypt. The plaintext is 12345678
Jaspyt config in application.yml
jasypt:
encryptor:
# encrypted salt
password: EbfYkitulv73I2p0mXI50JMXoaxZTKJ7Jaspyt UtilTool
import lombok.extern.slf4j.Slf4j;
import org.jasypt.util.text.BasicTextEncryptor;
@Slf4j
public final class JasyptUtil {
private JasyptUtil() {
}
public static String encryptPassword(String salt, String value) {
BasicTextEncryptor textEncryptor = new BasicTextEncryptor();
textEncryptor.setPassword(salt);
String result = textEncryptor.encrypt(value);
log.info("encrypted password (Basic mode) = {}", result);
return result;
}
public static String decryptPassword(String salt, String value) {
BasicTextEncryptor textEncryptor = new BasicTextEncryptor();
textEncryptor.setPassword(salt);
String result = textEncryptor.decrypt(value);
log.info("decypted password (Basic mode) = {}", result);
return result;
}
}Jaspyt Test
public static void main(String[] args) {
String str = decryptPassword("EbfYkitulv73I2p0mXI50JMXoaxZTKJ7", "imOyX+iTLUZG1EwmTdHAVS/CX7PK/y7o");
System.out.println(str.equalsIgnoreCase("12345678")); // true
}
