Use Jasypt-spring-boot-starter for encryption and decryption functions.
The entire process description:
Configure a spring Cloud Config server to store the configuration file you want to use on GitHub, and then configure it from this configuration source.
We use Jasypt for automatic decryption, encrypt the data that needs to be encrypted, and then put that content on GitHub. Such as:
Use ENC () to wrap the encrypted original text so that the Spring Cloud Config client client will automatically decrypt and get the original text after it gets the string.
Here's a look at the overall steps:
1. First create a Spring Cloud Config Server service-side program
Here I do not write the steps, the more common server does not make any difference, the only difference is that the information stored in the configuration file on GitHub is encrypted. Such as.
2., create the client (using spring boot 1.5.10, Jasypt 1.16)
The project is created according to the normal structure and additional jasypt-spring-boot-starter packages are added.
The Pom.xml file is as follows:
<?xml version= "1.0" encoding= "UTF-8"? ><project xmlns= "http://maven.apache.org/POM/4.0.0" xmlns:xsi= "http ://www.w3.org/2001/XMLSchema-instance "xsi:schemalocation=" http://maven.apache.org/POM/4.0.0/http Maven.apache.org/xsd/maven-4.0.0.xsd "><modelVersion>4.0.0</modelVersion><groupId> Com.thunisoft</groupid><artifactid>thunisoft-microservice-testconfig</artifactid><version >0.0.1-SNAPSHOT</version><packaging>jar</packaging><name> Thunisoft-microservice-testconfig</name><description>demo Project for Spring boot</description> <parent><groupId>org.springframework.boot</groupId><artifactId> spring-boot-starter-parent</artifactid><version>1.5.10.release</version><relativepath/ > <!--lookup parent from repository--></parent><properties><project.build.sourceencoding >utf-8</project.build.sourceencoding><project.reporting.outputencoding>utf-8</project.reporting.outputencoding><java.version>1.8</java.version>< spring-cloud.version>edgware.sr2</spring-cloud.version></properties><dependencies>< Dependency><groupid>org.springframework.boot</groupid><artifactid>spring-boot-starter-web </artifactid></dependency><dependency><groupid>org.springframework.cloud</groupid ><artifactId>spring-cloud-starter-config</artifactId></dependency><dependency>< Groupid>org.springframework.boot</groupid><artifactid>spring-boot-starter-test</artifactid ><scope>test</scope></dependency> <dependency> <groupid>com.github.ulis Esbocchio</groupid> <artifactId>jasypt-spring-boot-starter</artifactId> <versio N>1.16</version> </dependency></dependencies><dependencyManagement><Dependencies><dependency><groupid>org.springframework.cloud</groupid><artifactid> Spring-cloud-dependencies</artifactid><version>${spring-cloud.version}</version><type> pom</type><scope>import</scope></dependency></dependencies></ dependencymanagement><build><plugins><plugin><groupid>org.springframework.boot</ groupid><artifactid>spring-boot-maven-plugin</artifactid></plugin></plugins></ Build></project>
3. Add configuration: Add the following configuration in Application.yml/application.properties:
Jasypt: encryptor: password:foo algorithm:pbewithmd5anddes
Algorithm: Configure the encryption algorithm to use, the default value is Pbewithmd5anddes
Password: equivalent to "salt" in encryption
4, then you can follow the normal process of taking the configuration file.
Package Com.thunisoft.thunisoftmicroservicetestconfig.controller;import Org.springframework.beans.factory.annotation.value;import org.springframework.web.bind.annotation.GetMapping; Import Org.springframework.web.bind.annotation.RestController; @RestControllerpublic class Displayconfigcontroller { @Value ("${profile}") private string profile, @GetMapping ("/") public string Showconfig () { return This.profile;}}
Spring Cloud config Hub auto-decryption feature