SpringBoot配置文件脱敏处理
程序员文章站
2023-12-05 22:47:04
为避免把数据库等明文密码直接对外暴漏,需要对配置文件进行脱敏处理,具体步骤总结如下:1.导入依赖 com.github.ulisesbocchio jasypt-spring-boot-starter 1.18 ...
为避免把数据库等明文密码直接对外暴漏,需要对配置文件进行脱敏处理,具体步骤总结如下:
github地址https://github.com/ulisesbocchio/jasypt-spring-boot
1.导入依赖
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>1.18</version>
</dependency>
2.编写配置类
@Component
public class JasyptConfiguration {
@Bean("jasyptBean")
public StringEncryptor stringEncryptor() {
PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
SimpleStringPBEConfig config = new SimpleStringPBEConfig();
config.setPassword("salt");
config.setAlgorithm("PBEWithMD5AndDES");
config.setKeyObtentionIterations("1000");
config.setPoolSize("1");
config.setProviderName("SunJCE");
config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
config.setStringOutputType("base64");
encryptor.setConfig(config);
return encryptor;
}
}
3.加解密使用方法
①.去本地maven仓库mavenRepository \org\jasypt\jasypt\1.9.2文件夹下找到jar包
加密命令:java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI input=原文 password=salt
解密命令:java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI input=密文 password=salt
②配置文件修改为为ENC(XXX).如:
password: ENC(2hwP5LNSHJXmYz3RIybBBQ==)
③如果嫌每次都执行jar包太麻烦,可以编写测试类,以方便加解密配置
@RunWith(SpringRunner.class)
@SpringBootTest(classes = TestApplication.class)
public class SpringBootJunitTest {
/*jasypt加解密测试*/
@Autowired
StringEncryptor jasyptBean;
@Test
public void testENC(){
System.out.println(jasyptBean.encrypt("1234"));
System.out.println(jasyptBean.decrypt("jT1IZcf3k9tPhkV4S35dLw=="));
}
}
本文地址:https://blog.csdn.net/qq_35368296/article/details/107085222