我们目前有 JASYPT 在引导 2.2.4 中运行,jasypt 3.0.2 没有问题。唯一的异常(exception)是 jasypt 密码是从 postProcessEnvironment 事件的数据库中获取的。
新的 Spring Boot 2.3.2,Jaspt 3.0.2 在启动时抛出以下内容。
13:27:42.380 [restartedMain] ERROR o.s.b.w.e.tomcat.TomcatStarter onStartup - Error starting Tomcat context. Exception: org.springframework.beans.factory.BeanCreationException. Message: Error creating bean with name 'h2Console' defined in class path resource [org/springframework/boot/autoconfigure/h2/H2ConsoleAutoConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.boot.web.servlet.ServletRegistrationBean]: Factory method 'h2Console' threw exception; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'dataSource' defined in class path resource [org/springframework/boot/autoconfigure/jdbc/DataSourceConfiguration$Hikari.class]: Unsatisfied dependency expressed through method 'dataSource' parameter 0; nested exception is org.springframework.boot.context.properties.ConfigurationPropertiesBindException: Error creating bean with name 'spring.datasource-org.springframework.boot.autoconfigure.jdbc.DataSourceProperties': Could not bind properties to 'DataSourceProperties' : prefix=spring.datasource, ignoreInvalidFields=false, ignoreUnknownFields=true; nested exception is org.springframework.boot.context.properties.bind.BindException: Failed to bind properties under 'spring.datasource.password' to java.lang.String
13:27:42.471 [restartedMain] ERROR o.s.b.d.LoggingFailureAnalysisReporter report -
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.3.2.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<properties>
<java.version>1.8</java.version>
<jacoco-maven-plugin.ver>0.8.2</jacoco-maven-plugin.ver>
<jasypt.spring.boot.starter.ver>3.0.3</jasypt.spring.boot.starter.ver>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>com.microsoft.sqlserver</groupId>
<artifactId>mssql-jdbc</artifactId>
<scope>runtime</scope>
</dependency>
<!-- JASYPT Encryption -->
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>${jasypt.spring.boot.starter.ver}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-crypto</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-cache</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<scope>runtime</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
.....
jasypt:
encryptor:
password: fubar
#iv-generator-classname: org.jasypt.RandomIvGenerator
#iv-generator-classname: org.jasypt.NoIvGenerator
spring:
datasource:
driverClassName: com.microsoft.sqlserver.jdbc.SQLServerDriver
url: jdbc:sqlserver://myDb;databaseName=BAR;sendStringParametersAsUnicode=false
username: Bullwincle
password: ENC(dX8PMJjtC04JBzjSMllTop6s2/seBDHo)
hikari:
connection-timeout: 60000
maximum-pool-size: 5
jpa:
database-platform: org.hibernate.dialect.SQLServerDialect
show-sql: false
generate-ddl: false
hibernate:
ddl-auto: none
naming:
physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
properties:
hibernate:
jdbc:
time_zone: UTC
@SpringBootApplication
@EnableEncryptableProperties
public class MyApplication {
我没有自定义加密器 bean
应用程序以未加密的密码启动。
尝试过:
iv-generator-classname: org.jasypt.NoIvGenerator
iv-generator-classname: org.jasypt.RandomIvGenerator
如果我将 JASYPT 降级到 2.1.2,应用程序将启动。
最佳答案
根据他们的 release notes默认加密算法已在 3.0.0 中更改,因此他们建议设置这些:
jasypt:
encryptor:
algorithm: PBEWithMD5AndDES
iv-generator-classname: org.jasypt.iv.NoIvGenerator
关于spring-boot - Spring Boot JASYPT 失败无法绑定(bind) 'spring.datasource.password' 下的属性,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/63999220/