SoFunction
Updated on 2025-03-06

Three solutions for SpringBoot configuration file password encryption

3 solutions for configuration file password encryption

1. Add jasypt in configuration file

Add jasypt reference

<dependency>
    <groupId></groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
</dependency>

2. Add jasypt configuration in springboot configuration file

jasypt:
  encryptor:
    algorithm: PBEWithMD5AndDES ##Salt    password: dddda123 #Key

2. Use configuration class to initially load and decrypt

Add jasypt dependencies

<dependency>
    <groupId></groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
</dependency>

2. Write configuration class loading beans

package ;
import ;
import ;
import ;
import ;
import ;
*/
/**
  * @author
  * @date 2023/6/719:41
  * @Package
  * @description Automatically configure encryption information
  *//*

@Configuration
public class EncryptorConfig {
    @Bean("jasyptStringEncryptor")
    public StringEncryptor jasyptStringEncryptor() {
        PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
        SimpleStringPBEConfig config = new SimpleStringPBEConfig();
        ("WyYJ5C8l9qWSjkMpP2ilsIRkvhvp9wH4");
        // The comment part is the default configuration        ("PBEWithMD5AndDES");
//        ("1000");
        ("1");
//        ("SunJCE");
//        ("");
//        ("");
//        ("base64");
        (config);
        return encryptor;
    }
}

3. Not displaying the configuration key in the configuration file

Use Jasypt to encrypt and decrypt

1. Add Jasypt dependencies

Add Jasypt dependencies to the file:

<dependency>
    <groupId></groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>3.0.3</version>
</dependency>

2. Get the encrypted string

Online website: https://new./

3. Use encrypted password in configuration file

Use the encrypted password in or in the format ENC (encrypted password). For example:

=ENC(1WqJf1V5n1R4n5v2k3P4q5I7r2Q3u5Q1)

4. Configure the decryption password and salt value into the environment variable during installation.

export JASYPT_ENCRYPTOR_PASSWORD=mySecretPassword
export JASYPT_ENCRYPTOR_IV_GENERATOR_CLASSNAME=

5. Pass in and -generator-classname when java command is started

java -jar  -=$JASYPT_ENCRYPTOR_PASSWORD --generator-classname=

Use of password encryption

1. Use ENC (encrypted password) in the configuration file that needs to be encrypted

2. How to get the encrypted password

    private static final String ALGORITHM_INFO = "PBEWithMD5AndDES";

    private static final String PASSWORD_INFO = "WyAh5C8l9qWSGHMpda1lsIRkvhvpyDH1";

    @GetMapping("/encryptPwd")
    public void encryptPwd() {
        StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
        //Configure the following algorithm in the configuration file        (ALGORITHM_INFO);
        //Password configured in the configuration file        (PASSWORD_INFO);
        //The text to be encrypted        String name = ("abababa");
        String password = ("e022f87539fd81f3");
        String redisPassword = ("gbasedbt123");
        String redisPassword2 = ("abababa");
        String redisPassword3 = ("123456");
        String redisPassword4 = ("6a3d373e077b41b5a1c53f993c4fdc80");
        String oppeer= ("oppeer");
        String ddlla= ("ddlla");
        String nacos = ("nacos");
        //Write the encrypted text into the configuration file        ("【abababa】=" + name);
        ("【e022f87539fd81f3】=" + password);
        ("【gbasedbt123】=" + redisPassword);
        ("【abababa】=" + redisPassword2);
        ("【123456】=" + redisPassword3);
        ("【6a3d373e077b41b5a1c53f993c4fdc80】=" + redisPassword4);
        ("【oppeer】=" + oppeer);
        ("【ddlla】=" + ddlla);
        ("【nacos】=" + nacos);

        //The text to be decrypted       *//* String name2 = ("3U+OHwCEJvWNCnjV6iVYvMxYYcJTxJpoQchB4/ttEsV5YdHI9jFW8S92KiTI6yLk");
         String password2 = ("0PbODjzlXKy2a0Ijag3oEFqmvRpUl736GVkh55sY4SmTk5Nl1FzxpETEScFtL47W");
 // String redisPassword2 = ("ZII7UphhbVuJ8c3oxPUeyw==");
         //Decrypted text
         ("name2=" + name2);
         ("password2=" + password2);*//*

}

There are two configuration file password encryption schemes. One is to add a jasypt reference to the configuration file and add a jasypt configuration, and the other is to use the configuration class to load the bean for encryption and decryption. The encrypted password can be obtained using ENC (encrypted password) in the configuration file. The encryption algorithm used is PBEWithMD5AndDES, and the key is WyAh5C8l9qWSGHMpda1lsIRkvhvpyDH1. The encrypted password can be obtained by accessing /encryptPwd.

This is the end of this article about the three solutions for SpringBoot configuration file password encryption. For more related SpringBoot configuration file password encryption content, please search for my previous articles or continue browsing the related articles below. I hope everyone will support me in the future!