SpringBoot中对数据库连接配置信息进行加密处理

1 在项目中加密

1.1 导包

<dependency>
  <groupId>com.github.ulisesbocchio</groupId>
  <artifactId>jasypt-spring-boot-starter</artifactId>
  <version>3.0.5</version>
</dependency>

1.2 加密

配置文件

jasypt:
  encryptor:
    password: study-demo
    algorithm: PBEWithMD5AndDES
    iv-generator-classname: org.jasypt.iv.NoIvGenerator

获取配置文件信息

package com.sky.properties;

import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;

/**
 * 应用配置信息
 *
 * @author wangs
 * @date 2024/9/21 14:18
 */
@Data
@Component
@ConfigurationProperties(value = "jasypt.encryptor")
public class AppProperties {

    /**
     * 加密盐值
     */
    private String password;
}

加密代码

package com.sky;

import com.sky.properties.AppProperties;
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.junit.jupiter.api.Test;
import org.junit.runner.RunWith;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.junit4.SpringRunner;

import javax.annotation.Resource;

@SpringBootTest(classes = SkyApplication.class)
@RunWith(SpringRunner.class)
public class EncryptorTest {

    /**
     * MySQL连接信息
     */
    private final static String HOST_NAME = "主机IP";
    private final static String USERNAME = "数据库用户名";
    private final static String PASSWORD = "数据库密码";

    @Resource
    private AppProperties appProperties;


    /**
     * 加密MySQL数据库
     */
    @Test
    public void mysqlEncryptorTest() {
        StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
        // 加密盐值
        encryptor.setPassword(appProperties.getPassword());
        String host = encryptor.encrypt(HOST_NAME);
        String username = encryptor.encrypt(USERNAME);
        String password = encryptor.encrypt(PASSWORD);

        System.out.println("host密文："+host);
        System.out.println("username密文："+ username);
        System.out.println("password密文："+password);
    }
}

1.3 修改配置文件

将 1.2 中生成的密文替换配置文件中的明文信息

  datasource:
    driver-class-name: com.mysql.cj.jdbc.Driver
    host: ENC(5+NRySB3LIsgOI2IEFrLaAt96lB0kvyK)
    port: 3306
    database: xxx_xxx_xxx
    username: ENC(27L2N1KZZnJWGfYjIXRLcA==)
    password: ENC(f9Dc9EY6TQqmPMqARsO5/g==)

1.4 问题解决

在使用过程中，遇到了一个问题

failed to bind properties under spring.datasource.druid.password' to java.lang.String

出现这个问题的时候，在配置文件中，我并没有加上最后面的两行，加上后解决问题

jasypt:
  encryptor:
    password: study-demo
    algorithm: PBEWithMD5AndDES
    iv-generator-classname: org.jasypt.iv.NoIvGenerator

---

2 参考博客

数据库加密：数据库连接加密（SpringBoot+jasypt加密）

问题报错：springboot - 解决jasypt failed to bind properties - 30岁程序员的挣扎之路 - SegmentFault 思否