SpringBoot配置文件脱敏处理

为避免把数据库等明文密码直接对外暴漏，需要对配置文件进行脱敏处理，具体步骤总结如下：

github地址https://github.com/ulisesbocchio/jasypt-spring-boot
1.导入依赖

<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>1.18</version>
</dependency>

2.编写配置类

@Component
public class JasyptConfiguration {

    @Bean("jasyptBean")
    public StringEncryptor stringEncryptor() {
        PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
        SimpleStringPBEConfig config = new SimpleStringPBEConfig();
        config.setPassword("salt");
        config.setAlgorithm("PBEWithMD5AndDES");
        config.setKeyObtentionIterations("1000");
        config.setPoolSize("1");
        config.setProviderName("SunJCE");
        config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
        config.setStringOutputType("base64");
        encryptor.setConfig(config);
        return encryptor;
    }
}

3.加解密使用方法
①.去本地maven仓库mavenRepository \org\jasypt\jasypt\1.9.2文件夹下找到jar包

加密命令：java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI input=原文 password=salt
解密命令：java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI input=密文 password=salt

②配置文件修改为为ENC(XXX).如：

password: ENC(2hwP5LNSHJXmYz3RIybBBQ==)

③如果嫌每次都执行jar包太麻烦，可以编写测试类，以方便加解密配置

@RunWith(SpringRunner.class)
@SpringBootTest(classes = TestApplication.class)
public class SpringBootJunitTest {
  
    /*jasypt加解密测试*/
    @Autowired
    StringEncryptor jasyptBean;
    @Test
    public void testENC(){
        System.out.println(jasyptBean.encrypt("1234"));
        System.out.println(jasyptBean.decrypt("jT1IZcf3k9tPhkV4S35dLw=="));
    }
}

本文地址：https://blog.csdn.net/qq_35368296/article/details/107085222