spring-boot - Spring Boot JASYPT 失败无法绑定(bind) 'spring.datasource.password' 下的属性

Question

我们目前有 JASYPT 在引导 2.2.4 中运行，jasypt 3.0.2 没有问题。唯一的异常(exception)是 jasypt 密码是从 postProcessEnvironment 事件的数据库中获取的。

新的 Spring Boot 2.3.2，Jaspt 3.0.2 在启动时抛出以下内容。

13:27:42.380 [restartedMain] ERROR o.s.b.w.e.tomcat.TomcatStarter onStartup - Error starting Tomcat context. Exception: org.springframework.beans.factory.BeanCreationException. Message: Error creating bean with name 'h2Console' defined in class path resource [org/springframework/boot/autoconfigure/h2/H2ConsoleAutoConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.boot.web.servlet.ServletRegistrationBean]: Factory method 'h2Console' threw exception; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'dataSource' defined in class path resource [org/springframework/boot/autoconfigure/jdbc/DataSourceConfiguration$Hikari.class]: Unsatisfied dependency expressed through method 'dataSource' parameter 0; nested exception is org.springframework.boot.context.properties.ConfigurationPropertiesBindException: Error creating bean with name 'spring.datasource-org.springframework.boot.autoconfigure.jdbc.DataSourceProperties': Could not bind properties to 'DataSourceProperties' : prefix=spring.datasource, ignoreInvalidFields=false, ignoreUnknownFields=true; nested exception is org.springframework.boot.context.properties.bind.BindException: Failed to bind properties under 'spring.datasource.password' to java.lang.String
13:27:42.471 [restartedMain] ERROR o.s.b.d.LoggingFailureAnalysisReporter report -

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.3.2.RELEASE</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <properties>
        <java.version>1.8</java.version>
        <jacoco-maven-plugin.ver>0.8.2</jacoco-maven-plugin.ver>
        <jasypt.spring.boot.starter.ver>3.0.3</jasypt.spring.boot.starter.ver>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>
        <dependency>
            <groupId>com.microsoft.sqlserver</groupId>
            <artifactId>mssql-jdbc</artifactId>
            <scope>runtime</scope>
        </dependency>
        <!-- JASYPT Encryption -->
        <dependency>
            <groupId>com.github.ulisesbocchio</groupId>
            <artifactId>jasypt-spring-boot-starter</artifactId>
            <version>${jasypt.spring.boot.starter.ver}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-crypto</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-cache</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-actuator</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-devtools</artifactId>
            <scope>runtime</scope>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <optional>true</optional>
        </dependency>
.....

jasypt:
  encryptor:
    password: fubar
    #iv-generator-classname: org.jasypt.RandomIvGenerator
    #iv-generator-classname: org.jasypt.NoIvGenerator
spring:
  datasource:
    driverClassName: com.microsoft.sqlserver.jdbc.SQLServerDriver
    url: jdbc:sqlserver://myDb;databaseName=BAR;sendStringParametersAsUnicode=false
    username: Bullwincle
    password: ENC(dX8PMJjtC04JBzjSMllTop6s2/seBDHo)
    hikari:
      connection-timeout: 60000
      maximum-pool-size: 5
  jpa:
    database-platform: org.hibernate.dialect.SQLServerDialect
    show-sql: false
    generate-ddl: false
    hibernate:
      ddl-auto: none
      naming:
        physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
    properties:
      hibernate:
        jdbc:
          time_zone: UTC

@SpringBootApplication
@EnableEncryptableProperties
public class MyApplication {

我没有自定义加密器 bean

应用程序以未加密的密码启动。

尝试过:

iv-generator-classname: org.jasypt.NoIvGenerator

iv-generator-classname: org.jasypt.RandomIvGenerator

如果我将 JASYPT 降级到 2.1.2，应用程序将启动。

Answer 1

根据他们的 release notes默认加密算法已在 3.0.0 中更改，因此他们建议设置这些:

jasypt:
  encryptor:
    algorithm: PBEWithMD5AndDES
    iv-generator-classname: org.jasypt.iv.NoIvGenerator