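When Spring Boot is integrated with MyBatis, the database IP, username and password are set in the configuration file, and anyone who decompiles the jar can read them in plain text. The way to solve this problem is to integrate the Jasypt security framework into Spring Boot and hide the sensitive content of the configuration file.
Steps:
1. Add the Maven dependency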
    <dependency>
        <groupId>com.github.ulisesbocchio</groupId>
        <artifactId>jasypt-spring-boot-starter</artifactId>
        <version>2.1.0</version>
    </dependency>
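2. Configure the encryption password in application.properties (an arbitrary value of your own choosing). This password is the key that decrypts every ENC(...) value, so a copy left in the packaged application.properties is readable by anyone who decompiles the jar; the property can also be supplied at startup as a JVM system property or an environment variable instead of being written to the file.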
jasypt.encryptor.password=1cb23387-d51a-42d8-6e3915ede276
3. Create a JUnit test class to obtain the encrypted values
    import org.jasypt.encryption.StringEncryptor;
    import org.junit.Test;
    import org.junit.runner.RunWith;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.boot.test.context.SpringBootTest;
    import org.springframework.test.context.junit4.SpringRunner;

    @RunWith(SpringRunner.class)
    @SpringBootTest
    public class HuskyApplicationTests {

        // Encryptor bean provided by jasypt-spring-boot-starter, keyed by jasypt.encryptor.password
        @Autowired
        StringEncryptor encryptor;

        // Prints the encrypted form of each datasource property
        @Test
        public void encry() {
            String url = encryptor.encrypt("jdbc:mysql://127.0.0.1:3306/dhf_bank?characterEncoding=utf8&useSSL=false&zeroDateTimeBehavior=convertToNull&autoReconnect=true");
            System.out.println(url);
            String username = encryptor.encrypt("root");
            System.out.println(username);
            String password = encryptor.encrypt("test@123456");
            System.out.println(password);
        }
    }
Running the test prints the encrypted values.
4. Put them into application.properties, in the format ENC(encrypted value)
spring.datasource.url=ENC(U/pQBamqome4ntfefO6vY9LiUQszXT+swLSpuYjSQw59GmDWBxQIiGlvMLCJwvIgv0SGvJvjOn+9yuaDtaSVner0A6SZoixJqhjJ4rtsj3/6sKN0ZjyO3erdxpB9Ic/kaxMlBiuFNVVYLGeNdh77PZrhuFj6vuoQXN2Y+GbxEHcpJi+9Z5qSoYSJoABIpfUUVZtammDP0K/pUz2ctPspN3oR9Q1J3JKvKOmcU5HDMUdpM=)
spring.datasource.username=ENC(IA0gMDBZOxfth5ZEIhtGreDRQ==)
spring.datasource.password=ENC(eYZroNqH2gkeh2o+ttG2L6MFdsiS9kyDKsU)
5. Start the project; the database connection is established.
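
The procedure above as an added stand-alone example (not code from the original post): it produces an ENC(...) value with Jasypt's `StandardPBEStringEncryptor`, reading the encryption password from the environment instead of a file. The class name `EncValueTool`, the variable name `JASYPT_ENCRYPTOR_PASSWORD`, the sample plaintext and the algorithm `PBEWithMD5AndDES` (assumed to match the starter's default in version 2.1.0) are assumptions of this example.

```java
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.jasypt.exceptions.EncryptionOperationNotPossibleException;

// Hypothetical helper class, not part of the original project.
public class EncValueTool {

    // Builds an encryptor for the given password (algorithm is an assumption, see lead-in).
    static StandardPBEStringEncryptor encryptor(String password) {
        StandardPBEStringEncryptor enc = new StandardPBEStringEncryptor();
        enc.setAlgorithm("PBEWithMD5AndDES");
        enc.setPassword(password);
        return enc;
    }

    // True when the value cannot be recovered with this password.
    static boolean rejects(String password, String cipherText, String expectedPlain) {
        try {
            return !expectedPlain.equals(encryptor(password).decrypt(cipherText));
        } catch (EncryptionOperationNotPossibleException e) {
            return true; // the usual outcome for a wrong password
        }
    }

    public static void main(String[] args) {
        // The key comes from the environment, so it is never written into the jar.
        String password = System.getenv("JASYPT_ENCRYPTOR_PASSWORD");
        if (password == null || password.isEmpty()) {
            System.err.println("JASYPT_ENCRYPTOR_PASSWORD is not set");
            System.exit(1);
        }
        StandardPBEStringEncryptor enc = encryptor(password);

        String plain = "sample-db-password"; // constructed sample value
        String first = enc.encrypt(plain);
        String second = enc.encrypt(plain);

        // Line to paste into application.properties.
        System.out.println("spring.datasource.password=ENC(" + first + ")");
        // A random salt is used per call, so two runs print different text
        // for the same input; both decrypt to the same plaintext.
        System.out.println("outputs differ:  " + !first.equals(second));
        System.out.println("round trip ok:   " + plain.equals(enc.decrypt(second)));
        // Without the right password the value is not recoverable.
        System.out.println("wrong key fails: " + rejects(password + "x", first, plain));
    }
}
```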