Spring Boot如何在属性文件中隐藏密码 [英] Spring Boot how to hide passwords in properties file

问题描述

Spring Boot使用属性文件，并且至少在默认情况下，密码是纯文本。有可能以某种方式隐藏/解密这些吗？

Spring Boot uses the properties file, and at least by default, the passwords are in plain text. Is it possible to somehow hide/decrypt these?

推荐答案

您可以使用 Jasypt 来加密属性，所以你可以拥有这样的财产：

You can use Jasypt to encrypt properties, so you could have your property like this:

db.password=ENC(XcBjfjDDjxeyFBoaEPhG14wEzc6Ja+Xx+hNPrJyQT88=)

Jasypt允许您使用不同的算法加密您的属性，一旦获得加在<$ c $中的加密属性C> ENC（...）。例如，您可以使用终端通过Jasypt以这种方式加密：

Jasypt allows you to encrypt your properties using different algorithms, once you get the encrypted property you put inside the ENC(...). For instance, you can encrypt this way through Jasypt using the terminal:

encrypted-pwd$ java -cp ~/.m2/repository/org/jasypt/jasypt/1.9.2/jasypt-1.9.2.jar  org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI input="contactspassword" password=supersecretz algorithm=PBEWithMD5AndDES

----ENVIRONMENT-----------------

Runtime: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 24.45-b08



----ARGUMENTS-------------------

algorithm: PBEWithMD5AndDES
input: contactspassword
password: supersecretz



----OUTPUT----------------------

XcBjfjDDjxeyFBoaEPhG14wEzc6Ja+Xx+hNPrJyQT88=

轻松配置它Spring Boot你可以使用它的启动器 jasypt-spring-boot-starter 与组ID com。 github.ulisesbocchio

To easily configure it with Spring Boot you can use its starter jasypt-spring-boot-starter with group ID com.github.ulisesbocchio

请记住，你需要开始哟您使用与用于加密属性相同的密码的应用程序。所以，你可以这样开始你的应用程序：

Keep in mind, that you will need to start your application using the same password you used to encrypt the properties. So, you can start your app this way:

mvn -Djasypt.encryptor.password=supersecretz spring-boot:run

您可以查看以下链接了解更多详情：

You can check below link for more details:

https://www.ricston .com / blog / encrypting-properties-in-spring-boot-with-jasypt-spring-boot /

在您的应用中使用加密属性只是像往常一样使用它，使用你喜欢的任何一种方法（Spring Boot连接魔法，无论如何属性必须在类路径中）：

To use your encrypted properties in your app just use it as usual, use either method you like (Spring Boot wires the magic, anyway the property must be of course in the classpath):

使用 @Value 注释

@Value("${db.password}")
private String password;

或使用环境

@Autowired
private Environment environment;

public void doSomething(Environment env) {
    System.out.println(env.getProperty("db.password"));
}

这篇关于Spring Boot如何在属性文件中隐藏密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！