24. springboot常用starter_jasypt_密

jasypt-spring-boot-starter 简介

Jasypt Spring Boot 为 Spring Boot 项目中的属性源提供加密支持

springboot项目通过jasypt-spring-boot-starter加密配置

jasypt-spring-boot-starter

属性加密那个例子

pom.xml文件中加入 jasypt-spring-boot-starter

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>com.github.ulisesbocchio</groupId>
            <artifactId>jasypt-spring-boot-starter</artifactId>
            <version>2.1.1</version>
        </dependency>

        <!-- 验证一下 增加jdbc以及MySQL -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-jdbc</artifactId>
        </dependency>
        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
                

密文的生成

写一个测试类生成密文

import org.jasypt.util.text.BasicTextEncryptor;
import org.junit.jupiter.api.Test;

/**
 * 生成密文的工具代码
 */
public class EncryptUtilTest {

    @Test
    public void test() {
        BasicTextEncryptor textEncryptor = new BasicTextEncryptor();
        //加密所需的salt
        textEncryptor.setPassword("salt_hong");
        //要加密的数据（数据库的用户名或密码）
        String username = textEncryptor.encrypt("root");
        String password = textEncryptor.encrypt("123");
        System.out.println("username:"+username);
        System.out.println("password:"+password);
    }
}

修改配置文件 application.yaml

spring:
  datasource:
    driver-class-name: com.mysql.cj.jdbc.Driver
    password: ENC(xuJkpMR/Y+qre80vXFVrvA==)
    url: jdbc:mysql://127.0.0.1:3306/test?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai
    username: ENC(/ig+VwnECkdmU9rcVOzung==)

使用

可配置在application.yml文件中（这种方式不安全）

jasypt:
  encryptor:
    password: salt_hong

推荐在JVM启动参数中设置

在idea中配置如下：

-Djasypt.encryptor.password=salt_hong

启动类可以这么加

启动类增加启动vm参数

测试类可以这么加

测试类增加salt

验证

编写测试类

import org.junit.jupiter.api.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.jdbc.core.JdbcTemplate;

import javax.sql.DataSource;

/**
 *
 */
@SpringBootTest
public class ConnectionUtilTest {

    private static final Logger LOGGER =
            LoggerFactory.getLogger(ConnectionUtilTest.class);
    @Autowired
    DataSource dataSource;

    @Test
    public void test() {
        JdbcTemplate template = new JdbcTemplate(dataSource);
        String sql = "select name from member limit 0, 1";
        String result = template.queryForObject(sql, String.class);
        LOGGER.info("name: {};", result);
    }
}

结果：

2021-07-25 16:44:22.268  INFO 1064 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Starting...
2021-07-25 16:44:23.162  INFO 1064 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Start completed.
2021-07-25 16:44:23.189  INFO 1064 --- [           main] c.g.c.h.j.util.ConnectionUtilTest        : name: yu;