Implement configuration encryption function in MyBatis-Plus (using the AES algorithm)
During project development, in order to enhance data security, we often need to encrypt sensitive information.
MyBatis-Plus provides convenient configuration encryption, allowing us to encrypt and decrypt sensitive information in configuration files.
Configuring the introduction of AES encryption
First, we need to add relevant dependencies to use the AES encryption feature that comes with MyBatis-Plus.
In the Maven project, open the file and add the following dependencies:
<dependencies>
<!-- Other dependencies -->
<dependency>
<groupId></groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>Latest version</version>
</dependency>
</dependencies>Please make sure toLatest versionReplace with the actual version number you want to use.
Encrypt configuration files
Now let's demonstrate how to encrypt and decrypt configuration files using the AES encryption function that comes with MyBatis-Plus.
1. Create an encryption key
First, we need to generate the keys required for AES encryption. The keys can be generated using the command line tool KeyGeneratorUtils.
Execute the following command:
("AES");This command will output the generated AES key in the console, please save the key value properly.
2. Encrypt the configuration file
Before encryption, we need the configuration file in Spring BootAdd the following configuration items:
# Configure MyBatis-Plus encryption type to AES-type=AES # Set the key (replace <AES_KEY> with the actual generated AES key)-key=M3kPeU45C1IlNval8Pfwt00G+EZqqqdf1n1JPQedzGI=
In the above example, we use AES encryption and set the key to the previously generated AES key.
Now, we can modify the configuration items we want to encrypt to plaintext.
For example, to encrypt the database connection password, we canChange the value of the corresponding password attribute in the file to plaintext form:
=mydbpassword
3. Decrypt the configuration file
When you need to use configuration items in your code, we do not need to decrypt manually, MyBatis-Plus will decrypt automatically.
For example, when obtaining the database connection password, you can directly read itproperty values in without additional processing of decryption operations.
import ;
import ;
@Service
public class DatabaseService {
@Value("${}")
private String password;
public void connectToDatabase() {
// Use the decrypted password to perform database connection operation
// ...
}
}In the above example, we use Spring's@ValueThe annotation directly injects the AES decrypted password.
Testing and Verification
To verify that the configuration encryption function is in effect, we can write unit tests and launch applications to test.
First, we create a unit test and inject the class that needs to be configured with encryption. Then, call the corresponding method in the test method to verify that the properties using the encryption configuration can be accessed normally.
Here is an example:
import ;
import ;
import ;
@SpringBootTest
public class ConfigEncryptionTest {
@Autowired
private DatabaseService databaseService;
@Test
public void testConfigEncryption() {
// Verify that the decryption function is in effect ();
// ...Other test codes }
}In the above example, we injectDatabaseService, and callconnectToDatabaseMethod to perform database connection operation.
By writing and running test cases, you can verify that the configuration encryption function in MyBatis-Plus is working properly. Make sure that the encrypted properties are correctly configured before running the tests and that the relevant dependencies have been added to the project.
Note: To use the encryption feature, make sure that the configuration items in the configuration file are configured according to the example above and that the relevant dependencies have been added correctly.
Summarize
The above is personal experience. I hope you can give you a reference and I hope you can support me more.