欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

SpringBoot配置文件脱敏处理

程序员文章站 2023-12-05 22:47:04
为避免把数据库等明文密码直接对外暴漏,需要对配置文件进行脱敏处理,具体步骤总结如下:1.导入依赖 com.github.ulisesbocchio jasypt-spring-boot-starter 1.18...

为避免把数据库等明文密码直接对外暴漏,需要对配置文件进行脱敏处理,具体步骤总结如下:

github地址https://github.com/ulisesbocchio/jasypt-spring-boot
1.导入依赖

<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>1.18</version>
</dependency>

2.编写配置类

@Component
public class JasyptConfiguration {

    @Bean("jasyptBean")
    public StringEncryptor stringEncryptor() {
        PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
        SimpleStringPBEConfig config = new SimpleStringPBEConfig();
        config.setPassword("salt");
        config.setAlgorithm("PBEWithMD5AndDES");
        config.setKeyObtentionIterations("1000");
        config.setPoolSize("1");
        config.setProviderName("SunJCE");
        config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
        config.setStringOutputType("base64");
        encryptor.setConfig(config);
        return encryptor;
    }
}

3.加解密使用方法
①.去本地maven仓库mavenRepository \org\jasypt\jasypt\1.9.2文件夹下找到jar包

加密命令:java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI input=原文 password=salt
解密命令:java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI input=密文 password=salt

②配置文件修改为为ENC(XXX).如:

password: ENC(2hwP5LNSHJXmYz3RIybBBQ==)

③如果嫌每次都执行jar包太麻烦,可以编写测试类,以方便加解密配置

@RunWith(SpringRunner.class)
@SpringBootTest(classes = TestApplication.class)
public class SpringBootJunitTest {
  
    /*jasypt加解密测试*/
    @Autowired
    StringEncryptor jasyptBean;
    @Test
    public void testENC(){
        System.out.println(jasyptBean.encrypt("1234"));
        System.out.println(jasyptBean.decrypt("jT1IZcf3k9tPhkV4S35dLw=="));
    }
}

本文地址:https://blog.csdn.net/qq_35368296/article/details/107085222