java – Spring在属性文件中加密和解密API密钥
作者:互联网
原始问题
我有一个位于Tomcat的属性文件和一个位于src / test / resources中的测试属性文件.
目前我有以下设置.我的属性文件加载到我的XML文件中
config.xml中
<?xml version="1.0" encoding="UTF-8"?>
<!-- Repository and Service layers -->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:cache="http://www.springframework.org/schema/cache"
xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
http://www.springframework.org/schema/cache http://www.springframework.org/schema/cache/spring-cache.xsd">
<!-- ========================= RESOURCE DEFINITIONS ========================= -->
<context:component-scan base-package="be.omniatravel.service" />
<context:property-placeholder
location="file:${catalina.base}/conf/omniatravel.properties"
ignore-unresolvable="true" />
<tx:annotation-driven />
</beans>
测试-config.xml中
<?xml version="1.0" encoding="UTF-8"?>
<!-- Repository and Service layers -->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:cache="http://www.springframework.org/schema/cache"
xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
http://www.springframework.org/schema/cache http://www.springframework.org/schema/cache/spring-cache.xsd">
<!-- ========================= RESOURCE DEFINITIONS ========================= -->
<context:component-scan base-package="be.omniatravel.service" />
<context:property-placeholder
location="classpath:omniatravel_test.properties"
ignore-unresolvable="true" />
<tx:annotation-driven />
</beans>
我可以通过将它放在我的Java文件中来访问这些值
public class SunnycarsClient extends WebServiceGatewaySupport {
@Value("${sunnycars.serviceUri}")
private String uri; // provided by the webservice
@Value("${sunnycars.operatingKey}")
private String key; // provide by the webservice
@Value("${sunnycars.passphrase}")
private String passphrase; // provided by the webservice
}
目前,operatingKey和passphrase作为平面文本存储在这些属性中.我想将它们存储为加密值,以最大限度地降低风险,并且仍然能够以我现在的方式访问.
更新1
所以我现在所做的就是将config.xml的内容替换为
<?xml version="1.0" encoding="UTF-8"?>
<!-- Repository and Service layers -->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:cache="http://www.springframework.org/schema/cache"
xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
http://www.springframework.org/schema/cache http://www.springframework.org/schema/cache/spring-cache.xsd">
<!-- ========================= RESOURCE DEFINITIONS ========================= -->
<context:component-scan base-package="be.omniatravel.service" />
<!-- bean definitions -->
<bean
class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer">
<constructor-arg>
<bean class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
<property name="config">
<bean class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
<property name="algorithm" value="PBEWithMD5AndDES" />
<property name="passwordEnvName" value="APP_ENCRYPTION_PASSWORD" />
</bean>
</property>
</bean>
</constructor-arg>
<property name="locations">
<list>
<value>file:${catalina.base}/conf/omniatravel.properties</value>
</list>
</property>
</bean>
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource"
destroy-method="close">
<property name="sunnycarsMarshallerUri">
<value>${sunnycars.marshallerUri}</value>
</property>
<property name="sunnycarsServiceUri">
<value>${sunnycars.serviceUri}</value>
</property>
<property name="sunnycarsContextPath">
<value>${sunnycars.contextPath}</value>
</property>
<property name="sunnycarsOperatingKey">
<value>${sunnycars.operatingKey}</value>
</property>
<property name="sunnycarsPassphrase">
<value>${sunnycars.passphrase}</value>
</property>
</bean>
<tx:annotation-driven />
</beans>
但我仍然不清楚如何从我的Java代码中访问这些内容.
同样在propeties文件中我应该用sunnycars.operatingKey = enc(ENCRYPTED_KEY)替换sunnycars.operatingKey = THE_KEY,但是如何获得ENCRYPTED_KEY值?
解决方法:
首先,你必须从http://www.jasypt.org/下载jasypt1.9 *工具包
和
尝试使用cmd中的以下命令运行encrypt.dat文件
encrypt.date input = [您的财产文件值]密码= [加密密钥值]
它会产生
您需要在属性文件中替换的加密值的输出
同
=ENC(output encrypted value)
..
<bean class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
<property name="algorithm" value="PBEWithMD5AndDES" />
<property name="password" value="APP_ENCRYPTION_PASSWORD" />
</bean> ..
你也可以在类文件中硬编码密码并分配给bean
<bean class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
<property name="algorithm" value="PBEWithMD5AndDES" />
<property name="password" value="#Key.keyValue}" />
</bean>
其中Key.keyValue是Key类的静态方法.
标签:java,xml,spring,encryption,properties-file 来源: https://codeday.me/bug/20190609/1202987.html