springboot jasypt加密_java打包加密

springboot jasypt加密_java打包加密1.maven2引用jasypt坐标org.jasyptjasypt{version}compile jasyptwithspring坐标org.jasyptjasypt-spring31{version}compile如要结合spri

大家好,又见面了,我是你们的朋友全栈君。如果您正在找激活码,请点击查看最新教程,关注关注公众号 “全栈程序员社区” 获取激活教程,可能之前旧版本教程已经失效.最新Idea2022.1教程亲测有效,一键激活。

Jetbrains全系列IDE稳定放心使用

1.maven2引用

jasypt坐标

<dependency>
      <groupId>org.jasypt</groupId>
      <artifactId>jasypt</artifactId>
      <version>{version}</version>
      <scope>compile</scope>
</dependency>
 

jasypt with spring坐标

<dependency>
      <groupId>org.jasypt</groupId>
      <artifactId>jasypt-spring31</artifactId>
      <version>{version}</version>
      <scope>compile</scope>
</dependency>

如要结合spring ,需要将jasypt-spring31加入依赖

 

简单轻量的引用

    <dependency>
      <groupId>org.jasypt</groupId>
      <artifactId>jasypt</artifactId>
      <version>{version}</version>
      <classifier>lite</classifier>
      <scope>compile</scope>
    </dependency>

 

2.在spring中声明一个Encryptor的引用

例如:

<bean id="strongEncryptor"
    class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
    <property name="algorithm">
        <value>PBEWithMD5AndTripleDES</value>
    </property>
    <property name="password">
        <value>jasypt</value>
    </property>
  </bean>

 

algorithm=算法

password=密钥

 

3.使用spring的app应用配置文件加密

Jasypt 提供的可体会spring configuration管理类的classes:

  • org.jasypt.spring3.properties.EncryptablePropertyPlaceholderConfigurer, as a totally compatible replacement for Spring’sPropertyPlaceholderConfigurer.
  • org.jasypt.spring3.properties.EncryptablePropertyOverrideConfigurer, as a totally compatible replacement for Spring’sPropertyOverrideConfigurer.
  • org.jasypt.spring3.properties.EncryptableServletContextPropertyPlaceholderConfigurer: as a totally compatible replacement for Spring’sServletContextPropertyPlaceholderConfigurer.
  • org.jasypt.spring3.properties.EncryptablePreferencesPlaceholderConfigurer: as a totally compatible replacement for Spring’sPreferencesPlaceholderConfigurer.

例子:

配置文件如下:

 datasource.driver=com.mysql.jdbc.Driver
 datasource.url=jdbc:mysql://localhost/reportsdb
 datasource.username=reportsUser
 datasource.password=ENC(G6N718UuyPE5bHyWKyuLQSm02auQPUtm)

 

其中datasource.password是加密了的字符串,value的值必须要使用ENC()加密字符串括起来

 

Spring context configuration:

 
 <!--                                                                      -->
 <!-- Configuration for encryptor, based on environment variables.         -->
 <!--                                                                      -->
 <!-- In this example, the encryption password will be read from an        -->
 <!-- environment variable called "APP_ENCRYPTION_PASSWORD" which, once    --> 
 <!-- the application has been started, could be safely unset.             -->
 <!--                                                                      -->
 <bean id="environmentVariablesConfiguration"
     class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
   <property name="algorithm" value="PBEWithMD5AndDES" />
   <property name="passwordEnvName" value="APP_ENCRYPTION_PASSWORD" />
 </bean>
密钥passwordEnvName使用环境变量APP_ENCRYPTION_PASSWORD
  
  
 <!--                                                                      -->
 <!-- The will be the encryptor used for decrypting configuration values.  -->
 <!--                                                                      -->
 <bean id="configurationEncryptor"
     class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
   <property name="config" ref="environmentVariablesConfiguration" />
 </bean>


 <!--                                                                      -->
 <!-- The EncryptablePropertyPlaceholderConfigurer will read the           -->
 <!-- .properties files and make their values accessible as ${var}         -->
 <!--                                                                      -->
 <!-- Our "configurationEncryptor" bean (which implements                  --> 
 <!-- org.jasypt.encryption.StringEncryptor) is set as a constructor arg.  -->
 <!--                                                                      -->
 <bean id="propertyConfigurer"
     class="org.jasypt.spring3.properties.EncryptablePropertyPlaceholderConfigurer">
   <constructor-arg ref="configurationEncryptor" />
   <property name="locations">
     <list>
       <value>/WEB-INF/classes/application.properties</value>
     </list>
   </property>   
 </bean>
替换spring PropertyPlaceholderConfigurer的EncryptablePropertyPlaceholderConfigurer
 <!--                                                                      -->
 <!-- Our datasource is configured here, in the usual way. Jasypt's        -->
 <!-- EncryptedPropertyPlaceholderConfigurer will make sure that the       -->
 <!-- ${datasource.password} file gets decrypted and the DBCP DataSource   -->
 <!-- will be correctly initialised.                                       -->
 <!--                                                                      -->
 <bean id="dataSource"
     class="org.apache.commons.dbcp.BasicDataSource"
     destroy-method="close">
   <property name="driverClassName">
     <value>${datasource.driver}</value>
   </property>
   <property name="url">
     <value>${datasource.url}</value>
   </property>
   <property name="username">
     <value>${datasource.username}</value>
   </property>
   <property name="password">
     <value>${datasource.password}</value>
   </property>
 </bean>
        
配置文件中加密了的datasource.password会被解密出来。
 
还有几个说明,懒得翻译了,自己看吧(英文水平不行的请止步,后面的可看可不看)
  
  
  

Encryptable ServletContextPropertyPlaceholderConfigurer implementation for Spring

Jasypt includes org.jasypt.spring3.properties.EncryptableServletContextPropertyPlaceholderConfigurer, a subclass of org.springframework.web.context.support.ServletContextPropertyPlaceholderConfigurer which allows the transparent decryption of servlet context parameters in web applications (for example, parameters in WEB-INF/web.xml).

These encrypted parameters can be specified in a way equivalent to that of encrypted parameters in .properties files:

    ...
    <context-param>
        <param-name>someParameter</param-name>
        <param-value>ENC(...)</param-value>
    </context-param>
    ...
     
     
     

Encryptable PreferencesPlaceholderConfigurer implementation for Spring

Jasypt includes org.jasypt.spring3.properties.EncryptablePreferencesPlaceholderConfigurer, a subclass of org.springframework.beans.factory.config.PreferencesPlaceholderConfigurer which allows the transparent decryption preferences set with JDK 1.4's Preferences API.

 
 

The jasypt-spring3 library includes a namespace you can use in your Spring XML files in order to make the declaration of your jasypt entities much easier.

This namespace can be included in your XML like this:

<beans xmlns="http://www.springframework.org/schema/beans"
       ...
       xmlns:encryption="http://www.jasypt.org/schema/encryption"
       ...
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                           ...
                           http://www.jasypt.org/schema/encryption
                           http://www.jasypt.org/schema/encryption/jasypt-spring3-encryption-1.xsd
                           ...">

Once declared, you will be able to use <encryption:*> tags for:

  • Creating encryptors and digesters.
  • Creating configuration beans, both for encryptors and for digesters.
  • Creating instances of EncryptableProperties (extending java.util.Properties) that automatically decrypt entries in .properties files.
  • Registering an EncryptablePropertyPlaceHolderConfigurer.

Creating encryptors and digesters

Creating encryptor and digester artifacts with the encryption namespace is easy. There's a tag for each type of encryptor/digester (including some util classes), and each tags is able to specify all of the artifact's properties as tag attributes.

Let's see some encryptor declaration examples:

  <!-- Registers an org.jasypt.encryption.ByteEncryptor-->
  <encryption:byte-encryptor id="myEncryptor" algorithm="PBEWithMD5AndTripleDES" password="jasypt"/>
  
  <!-- Registers an org.jasypt.encryption.StringEncryptor-->
  <encryption:string-encryptor id="myEncryptor" password="jasypt" pool-size="5"/>
  
  <!-- Registers an org.jasypt.encryption.BigDecimalEncryptor-->
  <encryption:big-decimal-encryptor password="jasypt" key-obtention-iterations="15000"/>
  
  <!-- Registers an org.jasypt.encryption.BigIntegerEncryptor-->
  <encryption:big-integer-encryptor id="myEncryptor" password="jasypt" provider-name="BC"/>

Note how the pool-size parameter will affect the specific implementation of encryptor being created: a PooledPBE*Encryptor if this parameter is specified, and a StandardPBE*Encryptor if not.

Now for some digesters:

  <!-- Registers an org.jasypt.digest.ByteDigester-->
  <encryption:byte-digester algorithm="SHA-1" salt-size-bytes="16" iterations="50000"/>
  
  <!-- Registers an org.jasypt.digest.StringDigester-->
  <encryption:string-digester pool-size="10"/>

Again, the pool-size attribute will determine whether the digesters will be Standard or Pooled.

Some util artifacts can also be instantiated this way:

  <!-- Password encryptors -->
  <encryption:basic-password-encryptor/>
  <encryption:strong-password-encryptor/>
  <encryption:configurable-password-encryptor/>
  
  <!-- Text encryptors -->
  <encryption:basic-text-encryptor password="jasypt"/>
  <encryption:strong-text-encryptor password="jasypt"/>

Creating configuration beans for encryptors and digesters

Configuration beans implement the DigesterConfig interface for digesters and PBEConfig for encryptors, and Jasypt offers several implementations of these interfaces out-of-the-box depending on whether the digester to be created is meant for bytes or Strings, and also whether some configuration parameters can come from environment variables and/or system properties.

The encryption namespace will automatically choose the correct config bean implementation to be instantiated depending on the specified configuration attributes, so that you do not have to worry about the specific implementation class you need.

Let's see some examples:

  <encryption:digester-config id="dConf1" iterations="1400" salt-size-bytes="32"/>
  <encryption:digester-config id="dConf2" iterations="10000" string-output-type="hexa"/>
  <encryption:digester-config id="dConf3" string-output-type="hexa" algorithm-env-name="VAR_ALGORITHM"/> 
   
  <encryption:encryptor-config id="eConf1" key-obtention-iterations="500" password-env-name="VAR_PASSWD"/> 
  <encryption:encryptor-config id="eConf2" password-env-name="VAR_PASSWD" algorithm="PBEWithMD5AndTripleDES"/> 
  <encryption:encryptor-config id="eConf3" password="jasypt" algorithm-sys-property-name="jasypt.enc.algorithm"/> 

Using these beans in our encryptors/digesters is easy:

  <encryption:digester-config id="dConf" string-output-type="hexa" algorithm-env-name="VAR_ALGORITHM"/>
  <encryption:string-digester config-bean="dConf"/>
   
  <encryption:encryptor-config id="eConf" password-env-name="VAR_PASSWD" algorithm="PBEWithMD5AndTripleDES"/>
  <encryption:string-encryptor id="stringEnc" config-bean="eConf"/> 

Creating EncryptableProperties instances

Usually, in Spring you can create a java.util.Properties bean in your XML using the util namespace, like this:

  <util:properties location="classpath:application.properties"/>

Jasypt allows you to register an org.jasypt.properties.EncryptableProperties object in an equivalent manner, simply by adding an encryptor bean reference:

  <encryption:encryptable-properties encryptor="stringEnc" location="classpath:application.properties"/>

This <encryption:encryptable-properties> tag works in exactly the same way and with exactly the same features as <util:properties>, and as the object it registers is a subclass of java.util.Properties, you can autowire it inside your application with your code not even noticing these properties are originally encrypted.

Registering an EncryptablePropertyPlaceholder/Override

Spring allows you to easily register a PropertyPlaceholderConfigurer that takes care of the resolution of your ${...} property expressions:

  <context:property-placeholder location="classpath:application.properties"/>

But if you want to register an EncryptablePropertyPlaceholder instead because your property files might be encrypted, you can do:

  <encryption:encryptable-property-placeholder encryptor="stringEnc" location="classpath:application.properties"/>

And that's it! A property override implementation is also provided:

  <encryption:encryptable-property-override encryptor="stringEnc" location="classpath:application.properties"/>

 

For details on how to integrate jasypt with Spring Security 3.x, please have a look at this guide.

 

 

引用:http://www.jasypt.org/spring3.html

 

版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。

发布者:全栈程序员-用户IM,转载请注明出处:https://javaforall.cn/189387.html原文链接:https://javaforall.cn

【正版授权,激活自己账号】: Jetbrains全家桶Ide使用,1年售后保障,每天仅需1毛

【官方授权 正版激活】: 官方授权 正版激活 支持Jetbrains家族下所有IDE 使用个人JB账号...

(0)


相关推荐

  • idea2021.2激活码[最新免费获取][通俗易懂]

    (idea2021.2激活码)最近有小伙伴私信我,问我这边有没有免费的intellijIdea的激活码,然后我将全栈君台教程分享给他了。激活成功之后他一直表示感谢,哈哈~https://javaforall.cn/100143.htmlIntelliJ2021最新激活注册码,破解教程可免费永久激活,亲测有效,上面是详细链接哦~70YZ…

  • Vmware Workstation虚拟机繁忙导致无法关机

    Vmware Workstation虚拟机繁忙导致无法关机环境Windows10(1903版本),Ubuntu18.04,VMwareWorkstationPro15。问题描述由于某些不知名的原因(好吧,其实是从windows向虚拟机复制文件时发生不知名错误),导致Ubuntu卡住不动了,而整个虚拟机也无法关掉。解决方法1.首先每打开一个虚拟机会有一个vmwareworkstationvmx.exe进程(如下图),正常关…

    2022年10月23日
  • 生活角色主要包括哪些内容_简要介绍眼睛是的体位分类

    生活角色主要包括哪些内容_简要介绍眼睛是的体位分类ILSVRC2012数据集(分类部分)简要介绍和初步处理简介即大名鼎鼎ImageNet2012竞赛的数据集,在图像分类数据集中属于最常用的跑分数据集和预训练数据集。主要内容可以参考ILSVRC2012_devkit_t12.gz的readme.txt和中文翻译版内容详解下载的文件主要包括以下几个文件:ILSVRC2012_img_train.tarILSVRC2012_img_val.tarILSVRC2012_img_test.tarILSVRC2012_devkit

    2022年10月21日
  • Java的控制台输入输出语句[通俗易懂]

    Java的控制台输入输出语句[通俗易懂]输出语句Java中常用的输出语句有以下三种System.out.println();System.out.print();System.out.printf();System.out.println();是最常用的输出语句,它会把括号里的内容转换成字符串输出到输出窗口(控制台),并且换行,当输出的是一个基本数据类型时,会自动转换成字符串,如果输出的是一个对象,会自动调用对象的toString

  • python对随机森林分类结果绘制roc曲线

    python对随机森林分类结果绘制roc曲线上图:附上代码:一个函数,传入三个参数…..传入参数,训练模型,然后:fit=model.fit(x_train,y_training)#ROCy_score=model.fit(x_train,y_training).predict_proba(x_test)#随机森林fpr,tpr,thresholds=roc_curve(y_test,…

  • vue-router路由懒加载_懒加载分页延时vue

    vue-router路由懒加载_懒加载分页延时vue安装:https://www.npmjs.com/package/babel-plugin-syntax-dynamic-import配置:路由文件:

发表回复

您的电子邮箱地址不会被公开。

关注全栈程序员社区公众号