Foreword:
This article mainly introduces the
relevant knowledge of the special content of the Spring Boot encryption configuration file, which I read on the Internet, and will be modified in time if offending. This article introduces you in detail in the form of pictures and texts. It has a certain reference value for your study or work. Friends who need it can refer to
Sometimes security has to be considered. Looking at the news leak incident, we know that when we use Spring boot for development, we often need to configure a lot of external parameters such as ftp, database connection information, payment information and other sensitive private information. The following
is not good. Especially for Internet applications, encryption should be used to be more secure. It is a bit similar to some applications such as e-commerce, public security, security check platforms, rolling large screen winning information, etc. The ID number and mobile phone number are the first few digits 4109128** and 158 . Then modify the plaintext in the figure
1. Introduce an encryption package, optional, if you implement the encryption and decryption algorithm yourself, you do not need to introduce a third-party encryption and decryption library
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>3.0.2</version>
</dependency>
2. Encrypt sensitive content, and then fill in the configuration file encryption code:
BasicTextEncryptor textEncryptor = new BasicTextEncryptor();
textEncryptor.setPassword("company");
String name = textEncryptor.encrypt("root");
String password = textEncryptor.encrypt("cstorfs");
System.out.println("数据库用户名加密后:"+name);
System.out.println("数据库密码加密后:"+password);
The effect of output encryption
Fill in the database user name and password corresponding to these two values
. 3. Writing the configuration class is the class marked with @Configuration annotations in Spring, and then decrypt the database user name and password in the configuration file (as shown in the figure above) Sensitive attribute fields)
4. Write test cases and only write core code
// 我使用的最新版Springboot2.3.0(放弃1版本)启动后,不放心的话可以测试数据库是否连接正常
UserMapper userMapper = applicationContext.getBean(UserMapper.class);
Example example = new Example(User.class);
example.createCriteria().andEqualTo("username", "dongguangming");
List<User> userList = userMapper.selectByExample(example);
if (userList.size() > 0) {
User user = userList.get(0);
logger.info("数据库连接正常,从用户表取用户名是donggguangming的数据,用户:" + user);
}
Output effect:
ok, this is the effect! ! ! Note that there is no mandatory requirement for the encryption and decryption algorithm, you can write it yourself. Sensitive information (ftp, email, database connection information, Alipay, WeChat, etc.) can also be added, and decrypt it when you use it.
to sum up
With the blessing of Spring Boot, we are of course a duck in the water in the process of developing microservices. However, in the use of the most basic thread pool, our team has stepped on a lot of relatively low-level pits, which can all be avoided by good agreement. This article briefly demonstrates our encryption configuration file based on Spring Boot.
In addition, I have collected more than 20 years of company interview knowledge points, as well as various Java core knowledge points to share with you for free. If you want information, please click here to sign qf.
