If you want to encrypt passwords, keys and other sensitive information in your application.properties file, then you have a nifty solution from an open source encryption library called as Jasypt.
We begin by adding the maven dependency of jasypt-spring-boot-starter to our Spring Boot application. The steps involved in integrating Jasypt into your Spring Boot application is as follows:
1. First using Jasypy and a secret password, created encrypted tokens of all sensitive information.
2. Put this encrypted token in your properties file with the value enclosed with string 'ENC' - e.g. password=ENC(encrypted-token)
3. Retrieve your properties in Spring classes the same old way - e.g. using the @Value annotation or env.getProperty() method.
A good example explaining this is here - https://www.ricston.com/blog/encrypting-properties-in-spring-boot-with-jasypt-spring-boot/ with source code available here.
We begin by adding the maven dependency of jasypt-spring-boot-starter to our Spring Boot application. The steps involved in integrating Jasypt into your Spring Boot application is as follows:
1. First using Jasypy and a secret password, created encrypted tokens of all sensitive information.
2. Put this encrypted token in your properties file with the value enclosed with string 'ENC' - e.g. password=ENC(encrypted-token)
3. Retrieve your properties in Spring classes the same old way - e.g. using the @Value annotation or env.getProperty() method.
A good example explaining this is here - https://www.ricston.com/blog/encrypting-properties-in-spring-boot-with-jasypt-spring-boot/ with source code available here.
No comments:
Post a Comment