1.maven2 Reference
Jasypt coordinates
<dependency>
<groupId>org.jasypt</groupId>
<artifactid>jasypt</artifactid >
<version>{version}</version>
<scope>compile</scope>
</dependency >Jasypt with spring coordinates
<dependency>
<groupId>org.jasypt</groupId>
<artifactid>jasypt-spring31</ artifactid>
<version>{version}</version>
<scope>compile</scope>
</ Dependency>To combine spring, you need to add jasypt-spring31 to the dependency
Simple Lightweight reference
<dependency>
<groupId>org.jasypt</groupId>
<artifactid>jasypt</artifactid >
<version>{version}</version>
<classifier>lite</classifier>
<scope >compile</scope>
</dependency>2. Declare a encryptor reference in spring
For example:
<bean id= "Strongencryptor"
class= "Org.jasypt.encryption.pbe.StandardPBEStringEncryptor" >
< Property name= "Algorithm" >
<value>PBEWithMD5AndTripleDES</value>
</property>
<property name= "password" >
<value>jasypt</value>
</property>
</ Bean>algorithm= algorithm
Password= Key
3. Using Spring's app application configuration file encryption
Jasypt provides an understanding of the spring configuration management class classes: Org.jasypt.spring3.properties.EncryptablePropertyPlaceholderConfigurer, as a totally compatible replacement for Spring ' Spropertyplaceholderconfigurer. Org.jasypt.spring3.properties.EncryptablePropertyOverrideConfigurer, as a totally compatible replacement for Spring ' Spropertyoverrideconfigurer. Org.jasypt.spring3.properties.EncryptableServletContextPropertyPlaceholderConfigurer:as a totally compatible Replacement for Spring ' Sservletcontextpropertyplaceholderconfigurer. Org.jasypt.spring3.properties.EncryptablePreferencesPlaceholderConfigurer:as a totally compatible replacement for Spring ' Spreferencesplaceholderconfigurer.
Example:
The configuration file is as follows:
Datasource.driver=com.mysql.jdbc.driver Datasource.url=jdbc:mysql://localhost/reportsdb Datasource.username=reportsuser Datasource.password=enc (G6N718UUYPE5BHYWKYULQSM02AUQPUTM)
Where Datasource.password is an encrypted string, value must be enclosed in a enc () encrypted string
Spring Context Configuration:
<!----> <!--Configuration for ENC Ryptor, based on environment variables. --> <!----> <!--in this example, the Encryption password'll be read from a--> <!--environment variable called "App_encryption_password" whic H, once--> <!--The application has been started, could safely be unset. --> <!----> <bean id= "Environmentvaria Blesconfiguration "class=" Org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig "> <property name=" alg Orithm "value=" Pbewithmd5anddes "/> <property name=" passwordenvname "value=" App_encryption_password "/> < /bean> key passwordenvname Use environment variable App_encryption_password
<!----> <!--the'll be the ENCRYP Tor used for decrypting configuration values. --> <!----> <bean id= "Configurationenc Ryptor "class=" Org.jasypt.encryption.pbe.StandardPBEStringEncryptor "> <property name=" config "ref=" Environme Ntvariablesconfiguration "/> </bean> <!-- --> <!--The encryptablepropertyplaceholderconfigurer'll read the--> <!--. properties file s and make their values accessible as ${var}--> <!-- --> <!--our "Configurationencryptor" bean (which implements--> <!--org. Jasypt.encryption.StringEncryptor) is set as a constructor arg. --> <!-- --> <bean id= "Propertyconfigurer" class= "Org.jasypt.spring3" . Properties. Encryptablepropertyplaceholderconfigurer "> <constructor-arg ref=" configurationencryptor "/> <property N Ame= "Locations" > <list> <value>/WEB-INF/classes/application.properties</value> </ list> </property> </bean> Replace the encryptablepropertyplaceholderconf of spring Propertyplaceholderconfigurer Igurer
<!----> <!--our datasource are configure D here, in the usual way. Jasypt ' s--> <!--Encryptedpropertyplaceholderconfigurer'll make sure this--> <!--${dat Asource.password} file gets decrypted and the DBCP DataSource--> <!--would be correctly initialised. --> <!----> & Lt;bean id= "DataSource" class= "Org.apache.commons.dbcp.BasicDataSource" destroy-method= "Close" > <proper Ty name= "Driverclassname" > <value>${datasource.driver}</value> </property> <property na
Me= "url" > <value>${datasource.url}</value> </property> <property name= "username" > <value>${datasource.username}</value> </property> <property name= "password" > <vaDatasource.password encrypted in lue>${datasource.password}</value> </property> </bean> configuration files will be decrypted To.
There are a few instructions, too lazy to translate, I see it (English level does not stop, the back can be seen without looking)
encryptable servletcontextpropertyplaceholderconfigurer implementation for Spring
Jasypt includes Org.jasypt.spring3.properties.EncryptableServletContextPropertyPlaceholderConfigurer, a subclass of Org.springframework.web.context.support.ServletContextPropertyPlaceholderConfigurer which allows the transparent Decryption of the servlet context parameters in Web applications (for example, parameters in Web-inf/web.xml).
These encrypted parameters can is specified in a way equivalent to this of encrypted parameters in. properties Files:
...
<context-param>
<param-name>someParameter</param-name>
<param-value>enc (...) </param-value>
</context-param>
...
encryptable preferencesplaceholderconfigurer implementation for Spring
Jasypt includes Org.jasypt.spring3.properties.EncryptablePreferencesPlaceholderConfigurer, a subclass of Org.springframework.beans.factory.config.PreferencesPlaceholderConfigurer which allows the transparent decryption Preferences set with JDK 1.4 ' s preferences API.
The Jasypt-spring3 Library includes a namespace can use in your Spring XML files in order to make the declaration of Y Our Jasypt entities is much easier.
This namespace can is included in your XML as this:
<beans xmlns= "Http://www.springframework.org/schema/beans" ...
xmlns:encryption= "Http://www.jasypt.org/schema/encryption" ...
xsi:schemalocation= "Http://www.springframework.org/schema/beans
http://www.springframework.org/schema/ Beans/spring-beans-3.0.xsd ...
Http://www.jasypt.org/schema/encryption
http://www.jasypt.org/schema/encryption/ Jasypt-spring3-encryption-1.xsd ...
">
Once declared, you are able to use <encryption:*> tags for:creating encryptors and digesters. Creating configuration beans, both for encryptors and for Digesters. Creating instances of Encryptableproperties (extending java.util.Properties) that automatically decrypt entries in. prope rties files. Registering an encryptablepropertyplaceholderconfigurer. creating Encryptors and Digesters
Creating Encryptor and Digester artifacts with the encryption namespace are easy. There ' s a tag for each type of encryptor/digester (including some util classes), and each tags are able to specify all of T He artifact ' s properties as tag attributes.
Let ' s some encryptor declaration examples:
<!--registers an org.jasypt.encryption.byteencryptor--> <encryption:byte-encryptor id= "MyEncryptor" Algorithm= "Pbewithmd5andtripledes" password= "Jasypt"/> <!--registers an org.jasypt.encryption.stringencryptor--> <encryption:string-encryptor id= "MyEncryptor" password= " Jasypt "pool-size=" 5 "/> <!--registers an org.jasypt.encryption.bigdecimalencryptor--> < Encryption:big-decimal-encryptor password= "Jasypt" key-obtention-iterations= "15000"/> <!--Registers an org.jasypt.encryption.bigintegerencryptor--> <encryption:big-integer-encryptor id= "MyEncryptor" Password= "Jasypt" provider-name= "BC"/>
Note how the Pool-size parameter would affect the specific implementation of encryptor-being created:a pooledpbe*encryptor If parameter is specified, and a standardpbe*encryptor if not.
Now for some digesters:
<!--registers an org.jasypt.digest.bytedigester--> <encryption:byte-digester algorithm= "SHA-1" Salt-size-bytes= "iterations=" 50000 "/> <!--registers an org.jasypt.digest.stringdigester--> <encryption:string-digester pool-size= "Ten"/>
Again, the pool-size would determine whether the digesters would be Standard or pooled.
Some util artifacts can also be instantiated this way:
creating configuration beans for encryptors and digesters<!--Password encryptors--> <encryption:basic-password-encryptor/> <encryption: strong-password-encryptor/> <encryption:configurable-password-encryptor/> <!--Text Encryptors--> <encryption:basic-text-encryptor password= "Jasypt"/> <encryption : Strong-text-encryptor password= "Jasypt"/>
Configuration beans Implement the Digesterconfig interface for digesters and pbeconfig for Encryptors, and Jasypt offers S Everal implementations of this interfaces Out-of-the-box depending on whether the digester to be created are meant for BYT Es or Strings, and also whether some configuration parameters can come from environment variables System Properties .
The encryption namespace'll automatically choose the correct config bean implementation to is instantiated on The specified configuration attributes, so this you don't have to worry about the specific class you implementation.
Let ' s some examples:
<encryption:digester-config id= "DConf1" iterations= "1400" salt-size-bytes= "/> <encryption" : Digester-config id= "DConf2" iterations= "10000" string-output-type= "Hexa"/> <encryption:digester-config Id= "dConf3" string-output-type= "Hexa" algorithm-env-name= "Var_algorithm"/> <encryption : Encryptor-config id= "EConf1" key-obtention-iterations= "password-env-name=" var_passwd "/>" < Encryption:encryptor-config id= "EConf2" password-env-name= "var_passwd" algorithm= "Pbewithmd5andtripledes"/> <encryption:encryptor-config id= "eConf3" password= "Jasypt" Jasypt.enc.algorithm "/>
Using these beans in our encryptors/digesters are easy:
Creating Encryptableproperties instances<encryption:digester-config id= "dConf" string-output-type= " hexa" algorithm-env-name= "Var_algorithm"/> <encryption:string-digester config-bean= "dConf"/> <encryption:encryptor-config id= "eConf" Password-env-name= "var_passwd" algorithm= "Pbewithmd5andtripledes"/> <encryption:string-encryptor id= " Stringenc "config-bean=" econf "/>
Usually, in Spring you can create a java.util.Properties beans in your XML using the Util namespace, like this:
<util:properties location= "Classpath:application.properties"/>
Jasypt allows to register a Org.jasypt.properties.EncryptableProperties object in a equivalent manner, simply by add ing an encryptor bean reference:
<encryption:encryptable-properties encryptor= "Stringenc" location= "Classpath:application.properties"/>
This <encryption:encryptable-properties> tag works in exactly the same way and with exactly the same features as ; util:properties>, and as the object it registers is a subclass of Java.util.Properties, can autowire it inside R application with your the code not even noticing these properties are originally. Registering an encryptablepropertyplaceholder/override
Spring allows to easily register a propertyplaceholderconfigurer that takes care of the resolution of your ${...} prop Erty Expressions:
<context:property-placeholder location= "Classpath:application.properties"/>
But If you are want to register a encryptablepropertyplaceholder instead because your property files might is encrypted Can do:
<encryption:encryptable-property-placeholder encryptor= "Stringenc" location= "classpath:application.properties "/>
And that ' s it! A property Override implementation is also provided:
<encryption:encryptable-property-override encryptor= "Stringenc" location= "classpath:application.properties"/ >
For the details on the how to integrate Jasypt with the Spring Security 3.x, please have a look in this guide.
Reference: Http://www.jasypt.org/spring3.html.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
