一、自定义加密解密方式:
1、获取yml中的数据进行解码,配置数据源
package com.example.thymeleaf.config;import com.example.thymeleaf.utils.SecurityUtil;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.beans.factory.annotation.Value;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.core.env.Environment;import org.springframework.jdbc.datasource.DriverManagerDataSource;import javax.sql.DataSource;@Configurationpublic class DataSourceConfig {@Autowiredprivate Environment env;@Value("${spring.datasource.password}")private String password;@Bean(name = "dataSource")public DataSource getDataSource() {DriverManagerDataSource dataSource = new DriverManagerDataSource();dataSource.setDriverClassName(env.getProperty("spring.datasource.driver-class-name"));dataSource.setUrl(env.getProperty("spring.datasource.url"));dataSource.setUsername(env.getProperty("spring.datasource.username"));dataSource.setPassword(SecurityUtil.getBase64Decrypt(password));return dataSource;}}
这里可以通过以下两种方式来获取yml中的配置数据@Autowiredprivate Environment env;@Value("${spring.datasource.password}")private String password;
2、自定义加密方式对密码进行加密
username: rootpassword: MTIzNDU2Z3A=
package com.example.thymeleaf.utils;import java.nio.charset.StandardCharsets;import java.util.Base64;public class SecurityUtil {public static String getBase64Encrypt(String encrypt){String encryptString = Base64.getEncoder().encodeToString(encrypt.getBytes(StandardCharsets.UTF_8));return encryptString;}public static String getBase64Decrypt(String decrypt){byte[] decryptString = Base64.getDecoder().decode(decrypt);return new String(decryptString, StandardCharsets.UTF_8);}}
二、alibaba druid加解密
1、首先引入druid依赖
com.alibabadruid-spring-boot-starter1.2.16
2、在测试类中生成所需要的密文
@Testpublic void druidEncrypt() throws Exception {//密码明文String password = "123456";System.out.println("明文密码: " + password);String encrypt = ConfigTools.encrypt(password);System.out.println("未使用秘钥加密的密文 - encrypt:" + encrypt);String decrypt = ConfigTools.decrypt(encrypt);System.out.println("未使用秘钥加密解密后 - encrypt:" + decrypt);String[] keyPair = ConfigTools.genKeyPair(512);//私钥String privateKey = keyPair[0];//公钥String publicKey = keyPair[1];System.out.println("私钥 - privateKey:" + privateKey);System.out.println("公钥 - publicKey:" + publicKey);//用私钥加密后的密文password = ConfigTools.encrypt(privateKey, password);System.out.println("私钥加密后的密文 - password:" + password);String decryptPassword = ConfigTools.decrypt(publicKey, password);System.out.println("解密后:" + decryptPassword);}
3、修改yml文件,密文替换密码,添加以下配置
# 此处使用公钥加密过的密码password: jSdkuq4t4OzhufFKsNq0GVc239lDBdQZkzeFuYqZHIWdxRSzNUuvSZ+eRb3m5kVFzZepbBgiB/JeakrZrwApCg==druid:db-type: mysqlfilter:config:# 开启此配置,如果为false,则上面的密码要为明文密码enabled: trueconnect-properties:# 是否要解密,如果为false,则上面的密码要为明文密码config.decrypt: true# 此处为公钥,可以省略此配置,如果省略,则上面的密码在加密时可以不使用私钥加密config.decrypt.key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAK9ccOyIvGSX51qarEHjRC0tg/s3w7vTAQk7nXfVj4JUy0elbzlfbfJuGSb9wGRFDTrKrs47lIFp2CPx3Hr8oQECAwEAAQ==
三、集成jasypt加密
com.github.ulisesbocchiojasypt-spring-boot-starter3.0.4
依赖没有拉下来,暂未尝试