Encrypt password value in properties file in spring boot application
Now a days, it is very important to encrypt the value that we configure in properties files to secure the data.To encrypt the values in properties file specially in Spring based web application we can use available framework (jasypt) as below:
For example: We have folloing properties value in properties files
db.password=12345
- Add maven plugin in pom as below
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>2.0.0</version>
</dependency> - Now, configure jasypt encryptor password and algorithm in application properties files as below:
jasypt.encryptor.password=secretKey
jasypt.encryptor.algorithm=PBEWithMD5AndDES - Now, generate encrypted value of db.password (12345) using the jar and define in properties files as below:
To generated encrypted value we need to use jasypt jar file, password and algorithm as below in cmd:
java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI password=secretKey input=12345 algorithm=PBEWithMD5AndDES
When we run above command, it will generate encrypted value as below:isUphpA4A5/R+4nPV7tfrQ==
Example:
C:\user\.m2\repository\org\jasypt\jasypt\1.9.2>java -cp jasypt-1.9.2.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI password=secretKey
input=12345 algorithm=PBEWithMD5AndDES
----ENVIRONMENT-----------------
Runtime: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 24.80-b11
----ARGUMENTS-------------------
algorithm: PBEWithMD5AndDES
input: 12345
password: secretKey
----OUTPUT----------------------
isUphpA4A5/R+4nPV7tfrQ==
Now, copy above encrypt value to properties file as below with ENC(..):
db.password=ENC(isUphpA4A5/R+4nPV7tfrQ==)
db.password=ENC(isUphpA4A5/R+4nPV7tfrQ==)
No comments:
Post a Comment