Spring Boot integrated jasypt security framework

The Jasypt security framework provides spring integration, primarily for

The Placeholderconfigurersupport class or its subclasses.

After Sring 3.1, it is recommended to replace the configuration class with the Propertysourcesplaceholderconfigurer class as a property, where spring integration Jasypt uses Jasypt to replace the implementation of the configuration class with the attribute. Encryptablepropertysourcesplaceholderconfigurer.

It is easier to integrate in spring, and Jasypt has also given the way to configure beans and XML using jasypt tags, and spring boot integration is a little bit different, creating an automatic configuration class, and create a bean that injects placeholderconfigurersupport jasypt implementation.

The following is an example of use:

import org.jasypt.encryption.pbe.standardpbebyteencryptor;import  org.jasypt.encryption.pbe.standardpbestringencryptor;import  org.jasypt.spring31.properties.encryptablepropertysourcesplaceholderconfigurer;import  org.springframework.boot.autoconfigure.autoconfigureorder;import  org.springframework.boot.autoconfigure.condition.conditionalonmissingbean;import  org.springframework.boot.autoconfigure.condition.searchstrategy;import  org.springframework.context.annotation.bean;import org.springframework.context.annotation.configuration; import org.springframework.context.support.propertysourcesplaceholderconfigurer;import  org.springframework.core.ordered;import org.springframework.core.io.classpathresource;/** *  author : secondriver * date   : 2016/5/26 */@ Configuration@autoconfigureorder (ordered.highest_precedence) public class  encryptpropertyplaceholderautoconfiguration {    private static final string security_properties_file =  " Security.properties ";     @Bean      @ConditionalOnMissingBean (search  = searchstrategy.current)     public static  Propertysourcesplaceholderconfigurer propertysourcesplaceholderconfigurer ()  {         StandardPBEStringEncryptor encryptor = new  Standardpbestringencryptor ();         encryptor.setalgorithm ( Standardpbebyteencryptor.default_algorithm);         Encryptor.setpassword ("Security");         encryptablepropertysourcesplaceholderconfigurer                 configurer = new  Encryptablepropertysourcesplaceholderconfigurer (ENCRYPTOR);         configurer.setlocation (New classpathresource ( Security_properties_file));        return configurer;     }}

The write of the configuration file is basically similar to the spring XML. Application.yml equivalent to Applicationcontext.xml,security.properties is the configuration file for property substitution.

APPLICATION.YML:

Spring:datasource:url:jdbc:mysql://localhost:3306/abc?usessl=false username:root password: ${jdbc.password}

Security.properties:

Jdbc.password=enc (JWGGELCKUXRUCI2AQA6CF9VCXYPUKEZR)

When you create a data source, when you use the attribute parameter, the content in enc () is decrypted, the authentication succeeds, and the data source is created.

This article is from the "Red Horse Red" blog, please be sure to keep this source http://aiilive.blog.51cto.com/1925756/1784180

Spring Boot integrated jasypt security framework