背景

在使用jasypt对spring boot的配置文件中的敏感信息进行加密处理时,使用stater直接启动时,遇到了一个异常

<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>3.0.3</version>
</dependency>

遇到如下异常:

org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'enableEncryptablePropertySourcesPostProcessor' defined in class path resource [com/ulisesbocchio/jasyptspringboot/configuration/EnableEncryptablePropertiesConfiguration.class]: Unsatisfied dependency expressed through method 'enableEncryptablePropertySourcesPostProcessor' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'xxxDao' defined in xxxDao defined in @EnableJpaRepositories declared on Application: Unsatisfied dependency expressed through constructor parameter 1: Ambiguous argument values for parameter of type [javax.persistence.EntityManager] - did you specify the correct bean references as arguments?
at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:797)
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:538)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1336)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1176)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:556)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:516)
at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:324)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:322)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:207)
at org.springframework.context.support.PostProcessorRegistrationDelegate.invokeBeanFactoryPostProcessors(PostProcessorRegistrationDelegate.java:172)
at org.springframework.context.support.AbstractApplicationContext.invokeBeanFactoryPostProcessors(AbstractApplicationContext.java:707)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:533)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:143)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:758)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:750)
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:315)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1237)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1226)
...

以上的信息是指enableEncryptablePropertySourcesPostProcessor创建时,由于创建其他类Bean失败而导致失败的。

先说一下这个问题是因为spring boot的BeanFactoryPostProcessor和自定义的@EnableJpaRepositories中的自定义repositoryFactoryBeanClass在启动创建时不兼容导致的,@Repository注解的bean提前被初始化了(创建enableEncryptablePropertySourcesPostProcessor时,因为spring boot的机制导致了一些类提前被实例化了,但是处理@Repository的BeanFactoryPostProcessor还没有加载进来)

如果不自定义@EnableJpaRepositories中的自定义repositoryFactoryBeanClass,就不会出现以上异常

解决方法

之后就想自己实现一下jasypt的方式,不过出现了还是需要jasypt的BeanFactoryPostProcessor实现方式,遂放弃,最后使用了重写PropertySource方式,加上反射完成自己来对已经读取的加密信息进行解密(在把bean放到容器之前,也就是@Value等注解生效之前)

1. 引入如下包,去掉jasypt的spring boot stater包

<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot</artifactId>
<version>3.0.3</version>
</dependency>

2. 定义@Configuration来注入PropertySource的bean

//JasyptPropertyValueConfig.java

import org.springframework.beans.factory.config.PropertyOverrideConfigurer;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; @Configuration
public class JasyptPropertyValueConfig { @Bean
public PropertyOverrideConfigurer jasyptPropertyOverrideConfigurer() {
return new JasyptPropertyValueHandler();
}
}
//JasyptPropertyValueHandler.java

import org.jasypt.util.text.BasicTextEncryptor;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.config.PropertyOverrideConfigurer;
import org.springframework.boot.env.OriginTrackedMapPropertySource;
import org.springframework.boot.origin.OriginTrackedValue;
import org.springframework.context.EnvironmentAware;
import org.springframework.core.env.Environment;
import org.springframework.core.env.MutablePropertySources;
import org.springframework.core.env.PropertySource;
import org.springframework.core.env.SimpleCommandLinePropertySource;
import org.springframework.web.context.support.StandardServletEnvironment; import java.lang.reflect.Field;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.stream.StreamSupport; public class JasyptPropertyValueHandler extends PropertyOverrideConfigurer implements EnvironmentAware { private static BasicTextEncryptor textEncryptor = null;
private final String KEY_SEED = "jasypt.encryptor.password";
private final String PREFIX = "ENC(";
private final String SUFFIX = ")";
private final byte[] tmp_lock = new byte[1];
private boolean isInit;
private String seed;
private Environment environment; public JasyptPropertyValueHandler() { } @Override
public void setEnvironment(Environment environment) {
this.environment = environment;
} @Override
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
MutablePropertySources propertySources = ((StandardServletEnvironment) environment).getPropertySources();
convertPropertySources(propertySources);
super.postProcessBeanFactory(beanFactory);
} public void convertPropertySources(MutablePropertySources propSources) {
initSeed();
// 命令行参数SimpleCommandLinePropertySource
// yml配置文件参数OriginTrackedMapPropertySource
StreamSupport.stream(propSources.spliterator(), false)
.filter(ps -> (ps instanceof OriginTrackedMapPropertySource) || (ps instanceof SimpleCommandLinePropertySource))
.forEach(ps -> {
if (ps instanceof OriginTrackedMapPropertySource) {
handleConfigFile(ps);
} else if (ps instanceof SimpleCommandLinePropertySource) {
handleCommandLine(ps);
}
propSources.replace(ps.getName(), ps);
});
}
//处理spring boot的默认配置文件,例如application.yml或者application.properties中加载所有内容
private void handleConfigFile(PropertySource ps) {
Map<String, OriginTrackedValue> result = (Map<String, OriginTrackedValue>) ps.getSource();
for (String key : result.keySet()) {
OriginTrackedValue value = result.get(key);
if (checkNeedProcessOverride(key, String.valueOf(value.getValue()))) {
System.out.println(value);
String decryptedValue = decryptValue(seed, String.valueOf(value.getValue()));
try {
Field valueField = OriginTrackedValue.class.getDeclaredField("value");
valueField.setAccessible(true);
valueField.set(value, decryptedValue);
} catch (NoSuchFieldException e) {
e.printStackTrace();
} catch (IllegalAccessException e) {
e.printStackTrace();
}
}
}
}
//处理命令行中的替换spring boot的参数,例如--spring.datasource.password的参数形式
private void handleCommandLine(PropertySource ps) {
try {
Object commandLineArgs = ps.getSource();
Field valueField = commandLineArgs.getClass().getDeclaredField("optionArgs");
valueField.setAccessible(true);
boolean hasEncrypt = false;
Map<String, List<String>> result = (Map<String, List<String>>) valueField.get(commandLineArgs);
for (String key : result.keySet()) {
List<String> values = result.get(key);
if (values.size() == 1) {
if (checkNeedProcessOverride(key, String.valueOf(values.get(0)))) {
hasEncrypt = true;
String decryptedValue = decryptValue(seed, String.valueOf(values.get(0)));
values.clear();
values.add(decryptedValue);
}
}
} if (hasEncrypt) {
valueField.set(commandLineArgs, result);
} } catch (NoSuchFieldException e) {
e.printStackTrace();
} catch (IllegalAccessException e) {
e.printStackTrace();
} } private boolean checkNeedProcessOverride(String key, String value) {
if (KEY_SEED.equals(key)) {
return false;
}
return StringUtils.isNotBlank(value) && value.startsWith(PREFIX) && value.endsWith(SUFFIX);
} private void initSeed() {
if (!this.isInit) {
this.isInit = true;
this.seed = this.environment.getProperty(KEY_SEED);
if (StringUtils.isNotBlank(this.seed)) {
return;
}
try {
Properties properties = mergeProperties();
//从启动命令行中,获取-Djasypt.encryptor.password的值
this.seed = properties.getProperty(KEY_SEED);
} catch (Exception e) {
System.out.println("未配置加密密钥");
}
}
} private String decryptValue(String seed, String value) {
value = value.replace(PREFIX, "").replace(SUFFIX, "");
value = getEncryptor(seed).decrypt(value);
return value;
} private BasicTextEncryptor getEncryptor(String seed) {
if (textEncryptor == null) {
synchronized (tmp_lock) {
if (textEncryptor == null) {
textEncryptor = new BasicTextEncryptor();
textEncryptor.setPassword(seed);
}
}
}
return textEncryptor;
}
}

3. 因为jasypt每次生成的加密后的内容不一样,还跟项目有关,所以写了一个controller类做内容加密

//JasyptController.java

import org.jasypt.util.text.BasicTextEncryptor;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController; @RestController
@RequestMapping("jasypt")
public class JasyptController {
@Value(${jasypt.encryptor.password})
private String seed;
private static BasicTextEncryptor textEncryptor = null;
private final byte[] tmp_lock = new byte[1]; @RequestMapping("encrypt")
public String encrypt(String value){
textEncryptor=getEncryptor(seed);
return textEncryptor.encrypt(value);
} @RequestMapping("decrypt")
public String decrypt(String value){
textEncryptor=getEncryptor(seed);
return textEncryptor.decrypt(value);
} private BasicTextEncryptor getEncryptor(String seed) {
if (textEncryptor == null) {
synchronized (tmp_lock) {
if (textEncryptor == null) {
textEncryptor = new BasicTextEncryptor();
textEncryptor.setPassword(seed);
}
}
}
return textEncryptor;
}
}
  • 项目启动起来之后,请求接口/jasypt/encrypt?value=需要加密内容,就可以得到密文了

如何使用

以上配置完成之后,就可以用jasypt那种配置文件和命令行的方式了

1. 配置文件中

这里写一个application.properties

spring.datasource.password=ENC(加密后的密文)

然后命令行使用密码启动jar包

java -Djasypt.encrypt.password=加密密码 -jar  xxx.jar

2. 命令行

java -Djasypt.encrypt.password=加密密码 -jar --spring.datasource.password=ENC(加密后的密文) xxx.jar

以上遵循spring boot的覆盖优先级。

总结

因为这个不是jasypt的实现,只是模拟了默认情况下常用的配置文件和命令解密方式,所以jasypt的自定义内容并不能使用,有兴趣的可以自己实现一遍

tips:
1. jasypt同样的内容每次加密后的密文都不一样
2. 不同的项目加密同样的内容后的密文,不能被同样的密码解密出来

jasypt在springboot项目中遇到异常:Error creating bean with name 'enableEncryptablePropertySourcesPostProcessor' defined in class path resource的更多相关文章

  1. SpringBoot启动zipkin-server报错Error creating bean with name ‘armeriaServer’ defined in class path resource

    目前,GitHub 上最新 release 版本是 Zipkin 2.12.9,从 2.12.6 版本开始有个较大的更新,迁移使用 Armeria HTTP 引擎. 从此版本开始,若直接添加依赖的 S ...

  2. Error creating bean with name 'enableRedisKeyspaceNotificationsInitializer' defined in class path resource

    我们在SpringBoot中用Jedis来访问Redis,其中Redis是采用集群(单机没有本篇文章的问题)的方式,在启用Redis的时候碰到如上问题. 错误的核心信息如下: Error creati ...

  3. 【报错】org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'webSocketHandlerMapping' defined in class path resource

    环境:maven+eclipse+jdk1.8 [tomcat使用的是maven自带的插件,实质原因就是出在tomcat版本问题] 背景:在进行SSM集成WebSocket的时候,项目启动报org.s ...

  4. Error creating bean with name 'us' defined in class path resource [com/liuyang/test/DI/beans2.xml]: Cannot resolve reference to bean 'daoa' while setting bean property 'daoa'; nested exception is org.

    org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'us' defined ...

  5. 使用SpringMVC报错 Error creating bean with name 'conversionService' defined in class path resource [springmvc.xml]

    使用SpringMVC报错 Error creating bean with name 'conversionService' defined in class path resource [spri ...

  6. 报错org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionFactory' defined in class path resource [bean.xml]

    报这种错的原因基本上是applicationContext.xml文件中bean配置错误,错误如下: org.springframework.beans.factory.BeanCreationExc ...

  7. org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sqlSessionFactory' defined in class path resource

    二月 20, 2017 3:09:47 下午 org.apache.catalina.startup.SetAllPropertiesRule begin警告: [SetAllPropertiesRu ...

  8. org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'requestMappingHandlerMapping' defined in class path resource

    spring boot web项目运行时提示如下错误 org.springframework.beans.factory.BeanCreationException: Error creating b ...

  9. Error creating bean with name 'entityManagerFactory' defined in class path resource [org/springframework/boot/autoconfigure/orm/jpa/HibernateJpaAutoConfiguration.class]: Invocation of init method fail

    SpringBoot 单元测试报错 @RunWith(SpringRunner.class) @SpringBootTest public class ProductCategoryRepositor ...

随机推荐

  1. Vue(1)

    一:概述 Vue是一套用于构建用户界面的渐进式JavaScript框架,与其它大型框架不同的是,Vue被设计为可以自底向上逐层应用.Vue的核心库只关心视图层,不仅易于上手,还便于与第三方库或既有项目 ...

  2. HTML认知

    <!DOCTYPE html>的作用 1.定义 DOCTYPE是一种标准通用标记语言的文档类型的声明,目的是告诉标准通用标记语言解析器,该用什么方式解析这个文档. <!DOCTYPE ...

  3. 原生JS快速实现拖放

    原生 JS 快速实现拖放 拖放是很常见的一种交互效果,很多时候我们都会借助于第三方的控件来实现,其实用原生 js 实现起来也非常的方便.接下来我们就用原生 js 和 css 快速实现拖放效果 html ...

  4. Ch1-What is DAX?

    What is DAX? 数据分析表达式 (DAX) 是在 Analysis Services.Power BI 以及 Excel 中的 Power Pivot 使用的公式表达式语言.在第一版Powe ...

  5. for、while的循环套用和函数的递归

    一.集成开发工具Eclipse 1.1 下载 官网下载 https://www.eclipse.org/downloads/download.php?file=/technology/epp/down ...

  6. MySQL注入时常用函数

    注入常用函数 数据库相关 database() --- 返回当前数据库名 @@datadir --- 读取数据库路径 @@basedir --- 读取数据库安全路径 @@version_compile ...

  7. .net 开源模板引擎jntemplate 实战演习:基础篇之入门

    一.简介 模板引擎是Web开发中非常重要的一环,它负责将页面上的动态内容呈现出最终的结果展现给前端用户,在asp.net mvc中,我们最熟悉的就是Razor了,作为官方的视图引擎(视图引擎不等同于模 ...

  8. HDOJ-1043 Eight(八数码问题+双向bfs+高效记录路径+康拓展开)

    bfs搜索加记录路径 HDOJ-1043 主要思路就是使用双向广度优先搜索,找最短路径.然后记录路径,找到结果是打印出来. 使用康拓序列来来实现状态的映射. 打印路径推荐使用vector最后需要使用a ...

  9. Java数据类型拓展

    public class Demo03 { public static void main(String[] args) { //整数拓展: 二进制0b 十进制 八进制0 十六进制0x int i = ...

  10. 2020年12月-第02阶段-前端基础-CSS字体样式

    CSS字体样式属性调试工具 应用 使用css字体样式完成对字体的设置 使用css外观属性给页面元素添加样式 1.font字体 1.1 font-size:大小 作用: font-size属性用于设置字 ...