我正在尝试在我的Spring Boot 1.4应用程序中实现Jasypt,因为将Spring Cloud Config用于这样的小应用程序似乎有些过分。但是,我显然不了解Spring Boot如何确定其运行的环境,并使用相应的属性文件。我需要加密存储的数据源属性,例如:
spring.datasource.url=jdbc:postgresql://localhost:5432/myschema
spring.datasource.username=myuser
spring.datasource.password=ENC(ZwXHbQl^8c2U)
spring.datasource.driverClassName=org.postgresql.Driver
spring.jpa.database=POSTGRESQL
在我的project/config/
目录中,我有三个文件:
application.properties
:单个条目:spring.profiles.active=local
application-local.properties
:开发的配置值,包括本地数据库凭据application-test.properties
:测试env的配置值,例如db凭证等application-prod.properties
:生产环境的配置值,例如db凭证等我通过以下方式导入Jasypt:
编译组:'com.github.ulisesbocchio',名称: 'jasypt-spring-boot-starter',版本:'1.7'
我运行本地Spock / Goovy集成测试,所以我用
注释我的Base Test类@ActiveProfiles(“local,test”)
但是这似乎没有拾取属性文件
<的固定>添加@ActiveProfiles(["local", "test"])
我添加了 /config/application.properties 文件来设置
spring.profiles.active =本地 jasypt.encryptor.password =
我查看了Jasypt如何工作的文档,因此我可以尝试了解如何加密每个环境的数据库凭据。此外,我已经能够弄清楚如何加载正确的属性文件以测试加密。
更新
现在似乎正在加载正确的* .properties文件(感谢很好的反馈!)但是找不到数据库密码或者无法解密数据库密码。我在日志中看到以下内容:
eEncryptablePropertySourcesPostProcessor : Post-processing PropertySource instances
c.u.j.c.StringEncryptorConfiguration : String Encryptor custom Bean not found with name 'jasyptStringEncryptor'. Initializing String Encryptor based on properties with name 'jasyptStringEncryptor'
eEncryptablePropertySourcesPostProcessor : Converting PropertySource commandLineArgs [to EncryptableEnumerablePropertySourceWrapper
eEncryptablePropertySourcesPostProcessor : Converting PropertySource servletConfigInitParams [org.springframework.core.env.PropertySource$StubPropertySource] to EncryptablePropertySourceWrapper
eEncryptablePropertySourcesPostProcessor : Converting PropertySource servletContextInitParams [org.springframework.core.env.PropertySource$StubPropertySource] to EncryptablePropertySourceWrapper
eEncryptablePropertySourcesPostProcessor : Converting PropertySource systemProperties [org.springframework.core.env.MapPropertySource] to EncryptableMapPropertySourceWrapper
eEncryptablePropertySourcesPostProcessor : Converting PropertySource systemEnvironment [org.springframework.core.env.SystemEnvironmentPropertySource] to EncryptableMapPropertySourceWrapper
eEncryptablePropertySourcesPostProcessor : Converting PropertySource random [org.springframework.boot.context.config.RandomValuePropertySource] to EncryptablePropertySourceWrapper
eEncryptablePropertySourcesPostProcessor : Converting PropertySource applicationConfig: [file:./config/application-local.properties] [org.springframework.core.env.PropertiesPropertySource] to EncryptableMapPropertySourceWrapper
eEncryptablePropertySourcesPostProcessor : Converting PropertySource applicationConfig: [file:./config/application.properties] [org.springframework.core.env.PropertiesPropertySource] to EncryptableMapPropertySourceWrapper
eEncryptablePropertySourcesPostProcessor : Converting PropertySource applicationConfig: [classpath:/application.properties] [org.springframework.core.env.PropertiesPropertySource] to EncryptableMapPropertySourceWrapper
.c.EncryptablePropertySourcesInitializer : Created Encryptable Property Source 'EncryptedProperties' from locations: [classpath:application.properties]
Encryptor config not found for property jasypt.encryptor.algorithm, using default value: PBEWithMD5AndDES
c.u.j.c.StringEncryptorConfiguration : Encryptor config not found for property jasypt.encryptor.keyObtentionIterations, using default value: 1000
c.u.j.c.StringEncryptorConfiguration : Encryptor config not found for property jasypt.encryptor.poolSize, using default value: 1
c.u.j.c.StringEncryptorConfiguration : Encryptor config not found for property jasypt.encryptor.providerName, using default value: SunJCE
c.u.j.c.StringEncryptorConfiguration : Encryptor config not found for property jasypt.encryptor.saltGeneratorClassname, using default value: org.jasypt.salt.RandomSaltGenerator
c.u.j.c.StringEncryptorConfiguration : Encryptor config not found for property jasypt.encryptor.stringOutputType, using default value: base64
j.LocalContainerEntityManagerFactoryBean : Building JPA container EntityManagerFactory for persistence unit 'default'
根据这条线:
Property Source 'EncryptedProperties' from locations:[classpath:application.properties]
我们似乎必须明确声明要在@EnableEncryptableProperties()注释中搜索加密值的属性文件,但这似乎不会包含文件或属性值列表,也不会找到任何人说这需要做。
答案 0 :(得分:2)
将{}
用于包含多个值的注释无法在Groovy
中使用,请尝试@ActiveProfiles(["local", "test"])
或@ActiveProfiles(["local", "test"] as String[])
。见Arrays
答案 1 :(得分:1)
如果您在spring.profiles.active=local
中设置了application.properties
,那么您不必使用@ActiveProfiles注释,它将查找application-local.properties
spring.profiles.active
属性遵循与其他属性相同的排序规则,最高的PropertySource将获胜。这意味着您可以在application.properties
中指定活动配置文件,然后使用命令行开关替换它们。
希望这有帮助!
答案 2 :(得分:0)
基于Spring文档,它应该是:@ActiveProfiles({“local”,“test”})。你能试试吗?!请参阅此处的详细信息:http://docs.spring.io/spring/docs/current/spring-framework-reference/html/integration-testing.html
希望这有帮助!
答案 3 :(得分:0)
在您的情况下,您最好尝试引导Jasypt !!! 在配置服务器开始从配置库中提取配置之前,需要Jasypt解密加密的属性。
bootstrap.yaml
spring.cloud.config.server.bootstrap=true
spring.application.name=config-server
spring.cloud.config.server.git.uri=https://github.com/jamesmedice
spring.cloud.config.server.git.username=james@medici.com
spring.cloud.config.server.git.password=ENC(#################)
jasypt.encryptor.algorithm=PBEWithMD5AndDES
jasypt.encryptor.password=superkey
@Configuration
@ConditionalOnClass(name = "org.springframework.cloud.bootstrap.BootstrapApplicationListener")
@ConditionalOnProperty(name = "spring.cloud.bootstrap.enabled", havingValue = "true", matchIfMissing = true)
public class JasyptSpringCloudBootstrapConfiguration {
@Configuration
@ConditionalOnProperty(name = "jasypt.encryptor.bootstrap", havingValue = "true", matchIfMissing = true)
@Import(EnableEncryptablePropertiesConfiguration.class)
protected static class BootstrappingEncryptablePropertiesConfiguration {
}
}
@ConditionalOnClass('BootstrapApplicationListener')确保配置仅在基于Spring Cloud的环境中有效。 @ConditionalOnProperty(“ spring.cloud.bootstrap.enabled” ...)确保不是这种情况,一旦提供了jasypt.encryptor.bootstrap配置以便显式禁用'bootstrapping Jasypt',Jasypt将被自动配置为好吧。