SpringMVC使用jasypt加密配置文件

1、引入jasypt依赖库：

<!-- Jasypt核心库 -->
<dependency>
    <groupId>org.jasypt</groupId>
    <artifactId>jasypt</artifactId>
    <version>1.9.3</version>
</dependency>

2、修改配置

spring.jdbc.username=ENC(pxXd2wjuqNv6VbOegtaUxg==)
spring.jdbc.password=ENC(8Fr/wXgInniWSazqDRU2PyaZwpnQJAqX)

3、修改数据库配置文件

<!-- 数据源配置 -->
    <bean id="dataSource" class="com.alibaba.druid.pool.DruidDataSource" init-method="init" destroy-method="close">
        <property name="url" value="#{app['spring.jdbc.url']}" />
        <property name="username" value="#{app['spring.jdbc.username']}" />
        <property name="password" value="#{app['spring.jdbc.password']}" />
        <property name="filters" value="slf4j" />
        <property name="maxActive" value="#{app['spring.jdbc.maxActive']}" />
        <property name="initialSize" value="#{app['spring.jdbc.initialSize']}" />
        <property name="minIdle" value="#{app['spring.jdbc.minIdle']}" />
        <!-- 配置获取连接等待超时的时间 -->
        <property name="maxWait" value="#{app['spring.jdbc.maxWait']}" />
        <!-- 配置间隔多久才进行一次检测，检测需要关闭的空闲连接，单位是毫秒 -->
        <property name="timeBetweenEvictionRunsMillis" value="60000" />
        <!-- 配置一个连接在池中最小生存的时间，单位是毫秒 -->
        <property name="minEvictableIdleTimeMillis" value="300000" />
        <property name="validationQuery" value="SELECT 'x'" />
        <property name="testWhileIdle" value="true" />
        <property name="testOnBorrow" value="false" />
        <property name="testOnReturn" value="false" />

        <property name="connectProperties">
            <props>
                <prop key="appPrivateKeyFilePath">密钥</prop>
            </props>
        </property>

        <property name="userCallback" ref="dbNameCallback"/>
        <property name="passwordCallback" ref="dbPasswordCallback" />
    </bean>

    <bean id="dbPasswordCallback" class="com.test.DbPasswordCallback">
        <property name="encPassword" value="#{app['spring.jdbc.password']}" />
    </bean>

    <bean id="dbNameCallback" class="com.test.DbNameCallback">
        <constructor-arg index="0" value="密钥" />
        <property name="encUserName" value="#{app['spring.jdbc.username']}" />
    </bean>

4、编写生成加密串代码

public static void main(String[] args) {
        // 注意：加密密钥必须与生产环境一致
        String encryptionPassword = "密钥";
        StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
        encryptor.setAlgorithm("PBEWithMD5AndDES");
        encryptor.setPassword(encryptionPassword);

        String plainText = "用户名";
        String encryptedText = encryptor.encrypt(plainText);

        System.out.println("加密后的文本: ENC(" + encryptedText + ")");

        StandardPBEStringEncryptor decryptor = new StandardPBEStringEncryptor();
        decryptor.setAlgorithm("PBEWithMD5AndDES");
        decryptor.setPassword(encryptionPassword);
        String decryptedText = decryptor.decrypt(encryptedText);
        System.out.println("解密后的文本: " + decryptedText);
    }

 5、DbNameCallback

public class DbNameCallback extends NameCallback {

    private static final Logger logger = LoggerFactory.getLogger(DbNameCallback.class);

    private String encUserName;

    public DbNameCallback(String prompt) {
        super(prompt);
    }

    public DbNameCallback(String prompt, String defaultName) {
        super(prompt, defaultName);
    }

    public String getEncUserName() {
        return encUserName;
    }

    public void setEncUserName(String encUserName) {
        this.encUserName = encUserName;
    }

    @Override
    public String getName() {
        // 获取配置参数中的密钥
        String propertyPwd = getPrompt();
        try {
            StandardPBEStringEncryptor decryptor = new StandardPBEStringEncryptor();
            decryptor.setAlgorithm("PBEWithMD5AndDES");
            decryptor.setPassword(propertyPwd);
            encUserName = encUserName.substring(4, encUserName.length()-1);
            return decryptor.decrypt(encUserName);
        } catch (Exception e) {
            logger.error("Druid ConfigTools.decrypt", e);
        }
        return "";
    }
}

5、DbPasswordCallback

public class DbPasswordCallback  extends DruidPasswordCallback {

    private static final Logger logger = LoggerFactory.getLogger(DbPasswordCallback.class);

    private String encPassword;

    public String getEncPassword() {
        return encPassword;
    }

    public void setEncPassword(String encPassword) {
        this.encPassword = encPassword;
    }

    @Override
    public void setProperties(Properties properties){
        super.setProperties(properties);
        // 获取配置参数中的密钥
        String propertyPwd = properties.getProperty("appPrivateKeyFilePath");
        try {
            StandardPBEStringEncryptor decryptor = new StandardPBEStringEncryptor();
            decryptor.setAlgorithm("PBEWithMD5AndDES");
            decryptor.setPassword(propertyPwd);
            encPassword = StringUtils.subString(encPassword, "ENC(", ")");
            String decryptedText = decryptor.decrypt(encPassword);
            //String dbpassword = ConfigTools.decrypt(publickey, encryptionPassword);
            setPassword(decryptedText.toCharArray());
        } catch (Exception e) {
            logger.error("Druid ConfigTools.decrypt", e);
        }
    }
}