Tuesday, May 17, 2011

How to encrypt password in spring configuration file

I just finish a project which use "jasypt" to encrypt the password in spring configuration file. Below are the steps and notes.

1. Regarding Maven entrance, please check below

org.jasypt
jasypt
1.7.1

2. Develop a program to encrypt password.

StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
encryptor.setAlgorithm("PBEWithMD5AndDES");
encryptor.setPassword("JAMES_PWD"); // could be got from web, env variable...
return encryptor.encrypt(input) ;
3. Create a environment variable to hold temporary password
APP_ENCRYPTION_PASSWORD = JAMES_PWD

4. Change your spring configuration file to read property from file.


class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">





class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">


-->






class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer">



classpath:connection.properties
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)