SpringBoot配置文件脱敏处理

为避免把数据库等明文密码直接对外暴漏，需要对配置文件进行脱敏处理，具体步骤总结如下：

github地址https://github.com/ulisesbocchio/jasypt-spring-boot 1.导入依赖

<dependency> <groupId>com.github.ulisesbocchio</groupId> <artifactId>jasypt-spring-boot-starter</artifactId> <version>1.18</version> </dependency>

2.编写配置类

@Component public class JasyptConfiguration { @Bean("jasyptBean") public StringEncryptor stringEncryptor() { PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor(); SimpleStringPBEConfig config = new SimpleStringPBEConfig(); config.setPassword("salt"); config.setAlgorithm("PBEWithMD5AndDES"); config.setKeyObtentionIterations("1000"); config.setPoolSize("1"); config.setProviderName("SunJCE"); config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator"); config.setStringOutputType("base64"); encryptor.setConfig(config); return encryptor; } }

3.加解密使用方法 ①.去本地maven仓库mavenRepository \org\jasypt\jasypt\1.9.2文件夹下找到jar包

加密命令：java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI input=原文 password=salt 解密命令：java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI input=密文 password=salt

②配置文件修改为为ENC(XXX).如：

password: ENC(2hwP5LNSHJXmYz3RIybBBQ==)

③如果嫌每次都执行jar包太麻烦，可以编写测试类，以方便加解密配置

@RunWith(SpringRunner.class) @SpringBootTest(classes = TestApplication.class) public class SpringBootJunitTest { /*jasypt加解密测试*/ @Autowired StringEncryptor jasyptBean; @Test public void testENC(){ System.out.println(jasyptBean.encrypt("1234")); System.out.println(jasyptBean.decrypt("jT1IZcf3k9tPhkV4S35dLw==")); } }