This is the 15th day of my participation in the August Text Challenge.More challenges in August

Because the blogger recently encountered a project to use ciphertext database password configuration, so record the use process

1 Usage Requirements

In the SpringBoot project, database connection information is stored in configuration files such as application.yml. If plaintext passwords are used directly, database information may be exposed. Therefore, database information in the production environment needs to be encrypted.

2 Procedure

1 Prepare a SpringBoot project environment

2 Add the JASypt JAR package

		<dependency>
			<groupId>com.github.ulisesbocchio</groupId>
			<artifactId>jasypt-spring-boot-starter</artifactId>
			<version>1.17</version>
		</dependency>
Copy the code

3 Create a test class

public class JasyptTest {

	//encryption@Test
    public void testEncrypt() throws Exception {
        StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
        EnvironmentPBEConfig config = new EnvironmentPBEConfig();

        //The algorithm is the default config.setalgorithm ("PBEWithMD5AndDES");//Encrypted key config.setpassword ("123456"); standardPBEStringEncryptor.setConfig(config); String plainText= "root";
        String encryptedText = standardPBEStringEncryptor.encrypt(plainText);
        System.out.println(encryptedText);
    }

	//decryption@Test
    public void testDe() throws Exception {
        StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
        EnvironmentPBEConfig config = new EnvironmentPBEConfig();

        //The algorithm is the default config.setalgorithm ("PBEWithMD5AndDES");//Encrypted key config.setpassword ("123456"); standardPBEStringEncryptor.setConfig(config); String encryptedText= "fWnmlHboGH/GONZXg+84WQ==";
        String plainText =standardPBEStringEncryptor.decrypt(encryptedText); System.out.println(plainText); }}Copy the code

4 Modify the configuration file

# mysql
spring:
  datasource:
    type: com.alibaba.druid.pool.DruidDataSource
    # MySQL configuration
    driverClassName: com.mysql.cj.jdbc.Driver
    url: jdbc:mysql://localhost:3306/test? useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=Asia/Shanghai
    username: root
    password: ENC(fWnmlHboGH/GONZXg+84WQ==)
jasypt:
  encryptor:
    password: 123456
Copy the code

5 start the project and visit the taboo

6 Add the key to the startup command

Comment out the key in the application.yml configuration file. In the startup command line add – Djasypt. The encryptor. Password = keys.

Test effect:

3 summary

About the database password encryption function, in the ordinary development, use less, but in the production environment, to the database password encryption, it is really necessary. Because the most important thing in a project is data, data security is a top priority.