1. 首页
  2. 问答
  3. 如何解密@ConfigurationProperties bean中使用的属性?

如何解密@ConfigurationProperties bean中使用的属性?

2015-04-29 52 views
6

我正在使用Spring Boot 1.2.3,我想了解是否可以在将属性值注入到注释为@ConfigurationProperties的bean之前解密属性值。如何解密@ConfigurationProperties bean中使用的属性?

假设我有在application.properties文件中的以下内容:

appprops.encryptedProperty=ENC(ENCRYPTEDVALUE)

和示例应用程序,像这样:

package aaa.bb.ccc.propertyresearch; 

import org.springframework.boot.SpringApplication; 
import org.springframework.boot.autoconfigure.SpringBootApplication; 
import org.springframework.boot.context.properties.ConfigurationProperties; 
import org.springframework.boot.context.properties.EnableConfigurationProperties; 

import javax.annotation.PostConstruct; 

@SpringBootApplication 
@EnableConfigurationProperties(PropertyResearchApplication.ApplicationProperties.class) 
public class PropertyResearchApplication { 

    public static void main(String[] args) { 
     SpringApplication.run(PropertyResearchApplication.class, args); 
    } 

    @ConfigurationProperties("appprops") 
    public static class ApplicationProperties { 
     private String encryptedProperty; 

     @PostConstruct 
     public void postConstruct() throws Exception { 
      System.out.println("ApplicationProperties --> appprops.encryptedProperty = " + encryptedProperty); 
     } 

     public String getEncryptedProperty() { 
      return encryptedProperty; 
     } 

     public void setEncryptedProperty(String encryptedProperty) { 
      this.encryptedProperty = encryptedProperty; 
     } 
    } 
}

在过去,我已经使用了自定义PropertySourcesPlaceholderConfigurer实现这一目标但它需要建立如下结构:

@Component 
public class ApplicationProperties { 
    @Value("${appprops.enrcyptedProperty}") 
    private String encryptedProperty; 

    @PostConstruct 
    public void postConstruct() throws Exception { 
     System.out.println("ApplicationProperties --> appprops.encryptedProperty = " + encryptedProperty); 
    } 

    public String getEncryptedProperty() { 
     return encryptedProperty; 
    } 
}

虽然这本身并不坏,我想看看我是否可以利用具有加密属性的@ConfigurationProperties的细微差别。

来源

2015-04-29 Centinul

+2

你见过这样的:http://stackoverflow.com/questions/24451110/creating-a-custom-jasypt-propertysource-in-springboot – koe

+0

OP发现HTTP的答案:/ /stackoverflow.com/a/24486190/4094797。请检查链接以找到解决方案。 – user2339071

回答

0

你可以使用org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer 可以在Spring上下文xml文件中添加以下Spring配置。

<context:property-placeholder location="classpath:application.properties"/> 


<bean class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer"> 
     <constructor-arg ref="configurationEncryptor" /> 
     <property name="location" value="classpath:application.properties" /> 
    </bean> 
    <bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor"> 
     <property name="algorithm" value="PBEWithMD5AndDES" /> 
     <property name="password" value="password" /> 
    </bean>

来源

2015-09-18 15:19:09

0

只需将以下文件放入您的spring项目中并实现自定义解密方法即可。

@Component 
public class CmtEncryptedPropertyConfigurer extends PropertySourcesPlaceholderConfigurer { 

private ConfigurableEnvironment environment; 

@Override 
public void setEnvironment(Environment environment) { 
    super.setEnvironment(environment); 
    this.environment = (ConfigurableEnvironment) environment; 
} 
@Override 
protected void loadProperties(Properties props) throws IOException { 
    this.localOverride = true; 
    for (PropertySource<?> propertySource : environment.getPropertySources()) { 
     if (propertySource instanceof EnumerablePropertySource) { 
      String[] propertyNames = ((EnumerablePropertySource) propertySource).getPropertyNames(); 
      for (String propertyName : propertyNames) { 
       String propertyValue = propertySource.getProperty(propertyName).toString(); 
       // put logic to see if decryption required for thsi name/value 
       // decrypt here 
       String decryptedValue = decrypt(propertyValue); 
       // set value here 
       props.setProperty(propertyName, decryptedValue); 
      } 
     } 
    } 
}}

来源

2017-01-03 20:54:56 leoismyname

0

PropertyResourceConfigurer有一个convertPropertyValue方法,您可以为此重写该方法。

https://docs.spring.io/autorepo/docs/spring/4.1.6.RELEASE/javadoc-api/org/springframework/beans/factory/config/PropertyResourceConfigurer.html#convertPropertyValue-java.lang.String-

public class EncryptedPropertySourcedPlaceholderConfigurer extends PropertySourcesPlaceholderConfigurer { 

    @Override 
    protected String convertPropertyValue(String originalValue) { 
    if(originalValue.startswith("ENC") { 
     return decrypt(originalValue.subString(4, originalValue.length() - 1); 
    } 
    return originalValue; 
    } 
}

来源

2017-12-11 15:37:22 avmohan

相关问题

 相关问题