Implement the configuration encryption function in MyBatis-Plus (using AES algorithm)
During project development, in order to enhance data security, we often need to encrypt sensitive information. MyBatis-Plus provides a convenient configuration encryption function, which enables us to encrypt and decrypt sensitive information in configuration files. This article will introduce in detail how to implement the configuration encryption function in MyBatis-Plus, and give corresponding code examples.
Configuring the introduction of the AES encryption function
First, we need to add dependencies to use the built-in AES encryption in MyBatis-Plus. In the Maven project, open the pom.xml file and add the following dependencies:
<dependencies>
<!-- 其他依赖 -->
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>最新版本</version>
</dependency>
</dependencies>
Be sure to 最新版本
replace with the actual version number you wish to use.
encrypted configuration file
Now let's demonstrate how to use the AES encryption function that comes with MyBatis-Plus to encrypt and decrypt configuration files.
1. Create an encryption key
First, we need to generate the keys needed for AES encryption. Keys can be generated using the command line tool KeyGeneratorUtils. Execute the following command:
KeyGeneratorUtils.generateKey("AES");
This command will output the generated AES key on the console, please save the key value properly.
2. Encrypted configuration file
Before encryption, we need to application.properties
add the following configuration items in the Spring Boot configuration file:
# 配置 MyBatis-Plus 加密类型为 AES
mybatis-plus.configuration.encrypt-type=AES
# 设置密钥(将 <AES_KEY> 替换为实际生成的 AES 密钥)
mybatis-plus.configuration.encrypt-key=M3kPeU45C1IlNval8Pfwt00G+EZqqqdf1n1JPQedzGI=
In the above example, we use AES encryption and set the key to the AES key generated earlier.
Now, we can modify the configuration items that we want to encrypt to plain text. For example, to encrypt the database connection password, we can application.properties
modify the value of the corresponding password attribute in the file to plain text:
spring.datasource.password=mydbpassword
3. Decrypt the configuration file
When we need to use configuration items in the code, we don't need to manually decrypt them, MyBatis-Plus will automatically decrypt them. For example, when obtaining the database connection password, you can directly read application.properties
the attribute value in without additional decryption operations.
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
@Service
public class DatabaseService {
@Value("${spring.datasource.password}")
private String password;
public void connectToDatabase() {
// 使用解密后的密码进行数据库连接操作
// ...
}
}
In the above example, we @Value
directly injected the AES decrypted password by using Spring's annotations.
Testing and Validation
In order to verify whether the configuration encryption function is effective, we can write unit tests and start the application for testing.
First, we create a unit test and inject the classes that need to be configured with encryption. Then, call the corresponding method in the test method to verify whether the attribute configured with encryption can be accessed normally. Here is an example:
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
@SpringBootTest
public class ConfigEncryptionTest {
@Autowired
private DatabaseService databaseService;
@Test
public void testConfigEncryption() {
// 验证解密功能是否生效
databaseService.connectToDatabase();
// ... 其他测试代码
}
}
In the above example, we injected DatabaseService
and called connectToDatabase
the method for database connection operation.
By writing and running test cases, you can verify that the configuration encryption feature in MyBatis-Plus is working properly. Please ensure that the encrypted properties are properly configured and dependencies have been added to the project before running the tests.
Note: In order to use the encryption function, please ensure that the configuration items in the configuration file have been configured according to the above examples, and the relevant dependencies have been correctly added.