如何禁用单个组件的Jasypt自动属性解密?
[英]How to disable jasypt's automatic property decryption for a single component?
问题描述
In my spring boot application, I want jasypt to decrypt injected properties in all components but one . 
在我的spring boot应用程序中,我希望jasypt解密除一个组件之外的所有组件中的注入属性。
I find jasypt automatic encryption/decryption handy, but in my SecurityConfig I want to get the encrypted values, and decrypt them later. 我发现使用jasypt自动加密/解密很方便,但是在我的SecurityConfig我想获取加密的值,并在以后对其进行解密。
How can I disable jasypt decryption for one property or one class? 如何禁用一个属性或一个类的Jasypt解密?
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${password}")
private String password;// <= this field will contain the decrypted password, but should contain the encrypted password
}
2 个解决方案
解决方案1
1 2019-07-19 21:58:27
不使用ENC()并提供裸露的加密文本作为密码怎么样?
解决方案2
0 已采纳 2019-07-22 09:06:40
There is a workaround: Write this in your application.properties: 有一个解决方法:将其写在application.properties中:
password=ENC_X(1234)
And replace ENC_X to ENC , when injecting the property: 并在注入属性时将ENC_X替换为ENC :
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Value("#{'${password}'.replaceFirst('^ENC_X','ENC')}")
private String password;// <= this field will contain 'ENC(1234)' (unencrypted)
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.