Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Mar 05 13:03
    anderius commented #233
  • Feb 23 06:00
    grapesrain opened #263
  • Feb 23 03:09
    costalopes71 commented #222
  • Feb 23 03:08
    costalopes71 commented #154
  • Feb 23 03:08
    costalopes71 commented #154
  • Feb 20 02:57
    FJiayang closed #262
  • Feb 11 10:02
    FJiayang edited #262
  • Feb 11 09:51
    FJiayang opened #262
  • Feb 10 03:48
    Travis ulisesbocchio/jasypt-spring-boot (master) passed (318)
  • Feb 10 03:35
    ulisesbocchio commented #261
  • Feb 10 03:17
    ulisesbocchio labeled #254
  • Feb 10 03:17
    ulisesbocchio commented #254
  • Feb 10 03:15
    Travis ulisesbocchio/jasypt-spring-boot (master) canceled (317)
  • Feb 10 03:15

    ulisesbocchio on master

    Fix Version check in upgrade mo… Fix typo Merge pull request #233 from tk… (compare)

  • Feb 10 03:15
    ulisesbocchio closed #233
  • Feb 10 03:15
    Travis ulisesbocchio/jasypt-spring-boot (master) canceled (316)
  • Feb 10 03:15

    ulisesbocchio on master

    Rename jasypt-spring-boot-start… Merge pull request #244 from fe… (compare)

  • Feb 10 03:15
    ulisesbocchio closed #244
  • Feb 10 03:12
    Travis ulisesbocchio/jasypt-spring-boot (master) canceled (315)
  • Feb 10 03:12

    ulisesbocchio on master

    Fix Copy&Paste Error und docume… Merge pull request #249 from je… (compare)

Ulises Bocchio
@ulisesbocchio
but that doesn't allow property source decoration on nested placeholders
Ulises Bocchio
@ulisesbocchio

for now you should probably stick to:

user: user
defaultPassword: ENC(asdf)
password: ${PASSWORD:${defaultPassword}}

endpoint: https://${user}:${password}@localhost:30000

which adds one more level of indirection but the works because defaultPassword is a top level property

But just like David Wheeler said... All problems in computer science can be solved by another level of indirection
Mike Liu
@mikexliu
Thanks @ulisesbocchio I will try that later!
Armin Naderi
@naderi_armin_twitter
Great project @ulisesbocchio, thank you for making it. I was wondering if it is possible to use this project for Gradle .properties files as well? The problem is that the properties need to be decrypted during Gradle's runtime. Thanks for reading.
NadhemNiNo
@NadhemNiNo
Hey @ulisesbocchio and great job for the project. I'm just having a problem when working with jasypt-spring-boot in my project; @EnableEncryptableProperties is not recognized even the dependency in the pom file exists. Thanks in advance for your reply
Ulises Bocchio
@ulisesbocchio
@NadhemNiNo weird, did you try one of the sample projects?
@naderi_armin_twitter it should be the same with gradle, props should be decrypted at runtime in the app. What are you trying to do with gradle properties?
Armin Naderi
@naderi_armin_twitter
@ulisesbocchio I am extracting passwords for binary repositories to separate property files. The problem is that Gradle does not run at the application's runtime, but rather within its own JVM during the building of the application. I need to run jasypt within Gradle's JVM.
Ulises Bocchio
@ulisesbocchio
@naderi_armin_twitter is it possible that you upload a sample project to github for me to take a look? I can't picture what you're saying. The library is meant to be used with password decryption at runtime, so unless you're trying to decrypt a property as part of your build process, I'm not sure what else could it be. In any case, regardless of where it runs, passing property -Djasypt.encryptor.password=password should be enough in any JVM. Keep in mind though that spring boot has to run.
NadhemNiNo
@NadhemNiNo
@ulisesbocchio All works perfectly now. i had some issues with my maven plugin. I have succeeded now to integrate jasypt in my project ans it works as expected. thanks again
Ryan Dawson
@ryandawsonuk
I'm guessing people stuck with java7 just have to settle for the spring jasypt integration?
Ulises Bocchio
@ulisesbocchio
There's a java 7 version @ryandawsonuk
Ryan Dawson
@ryandawsonuk
that would be great - where do I get the java 7 version?
oh I think I found it - https://mvnrepository.com/artifact/com.github.ulisesbocchio/jasypt-spring-boot-starter/1.4-java7
Ryan Dawson
@ryandawsonuk
this makes me very happy, thanks
Ryan Dawson
@ryandawsonuk
I'm hitting this bug in jasypt 1.9.2 - https://sourceforge.net/p/jasypt/bugs/32/
actually doesn't look like they've released 1.9.3 yet
Ulises Bocchio
@ulisesbocchio_twitter
hmm...
yeah, last version was 1.9.2
I don't think they'll be releasing a new version any time soon
Ryan Dawson
@ryandawsonuk
Fortunately I think it would be ok for me if takes them a few months. It would be a problem if they can't guarantee it will get fixed (esp given a fix has been offered and they just need to incorporate it).
Ryan Dawson
@ryandawsonuk
if we think the jasypt guys need a hand then I'd be interested in talking about that. surprised they're not making it easier for community to contribute
Ulises Bocchio
@ulisesbocchio
I haven't seen a release from the for a while, did you check their website?
Ryan Dawson
@ryandawsonuk
Previous comments in tickets on sourceforge indicate they were targetting may for a release. Think they're just running behind.
Ulises Bocchio
@ulisesbocchio
Ok thanks, good to know
BBK-PiJ-2016-11
@BBK-PiJ-2016-11
hey @ulisesbocchio, first of all -- thanks for the work put into the package so far -- is there any way to look for encryptable properties recursively in the resources directory? currently it's only picking up application.properties. I've got some other .properties files stored in directories under the resources dir..
Comven
@Comven
@EncryptablePropertySources({@EncryptablePropertySource("classpath:encrypted.properties"),
@EncryptablePropertySource("classpath:encrypted2.properties")})
BBK-PiJ-2016-11
@BBK-PiJ-2016-11
any change of some sort of wildcard being used here?
chance*
I'd like the app to be able to look inside the resources directory and all subdirectories for .properties files
without needing to specify individual property files as they might be different depending on the deployment
Ulises Bocchio
@ulisesbocchio
hey @BBK-PiJ-2016-11 the plugin decorates any existing property sources in the environment
it doesn't really look for any files
it uses whatever is loaded by Spring by default and any other property sources you may have loaded
Ulises Bocchio
@ulisesbocchio
you could do something like this @BBK-PiJ-2016-11 :
    @Bean
    public PropertySource allPropertiesSource() throws Exception {
        PathMatchingResourcePatternResolver resolver = new PathMatchingResourcePatternResolver();
        Resource[] resources = resolver.getResources("classpath*:*.properties");
        PropertySourceLoader loader = new PropertiesPropertySourceLoader();
        Function<Resource, PropertySource> toSource = resource -> {
            try {
                return loader.load(resource.getFilename(), resource).get(0);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        };
        Function<List<PropertySource>, PropertySource> collector = sources -> {
            CompositePropertySource ps = new CompositePropertySource("all properties");
            sources.forEach(ps::addPropertySource);
            return ps;
        };
        return Arrays.stream(resources).map(toSource).collect(Collectors.collectingAndThen(Collectors.toList(), collector));
    }
BBK-PiJ-2016-11
@BBK-PiJ-2016-11
thanks @ulisesbocchio, appreciate it! I'll give this a try today and let you know how I got on. =)
Ghost
@ghost~5b08154ed73408ce4f9ab57b
Hi can anyone please help, while I am loading my configration file while bootstraping my application, apllication is not starting and I am not getting any clue of error in logs

import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import com.ulisesbocchio.jasyptspringboot.EncryptablePropertyDetector;
import com.ulisesbocchio.jasyptspringboot.EncryptablePropertyResolver;
import com.ulisesbocchio.jasyptspringboot.annotation.EncryptablePropertySource;
import com.ulisesbocchio.jasyptspringboot.annotation.EncryptablePropertySources;

/**

  • @author Ravat
    /

@Configuration
@EncryptablePropertySources({ @EncryptablePropertySource("classpath:platform-encrypted.properties") })
public class PlatformEncryptionConfiguration {

@Bean(name = "encryptablePropertyDetector")
public EncryptablePropertyDetector encryptablePropertyDetector() {
    return new MyEncryptablePropertyDetector();
}

@Bean(name="encryptablePropertyResolver")
EncryptablePropertyResolver encryptablePropertyResolver() {
    return new MyEncryptablePropertyResolver();
}

private class MyEncryptablePropertyDetector implements EncryptablePropertyDetector {
    @Override
    public boolean isEncrypted(String value) {
        if (value != null) {
            return value.startsWith("3DES@");
        }
        return false;
    }

    @Override
    public String unwrapEncryptedValue(String value) {
        return value.substring("3DES@".length());
    }
}

private class MyEncryptablePropertyResolver implements EncryptablePropertyResolver {


    private final PooledPBEStringEncryptor encryptor;

    public MyEncryptablePropertyResolver() {
        this.encryptor = new PooledPBEStringEncryptor();
        SimpleStringPBEConfig config = new SimpleStringPBEConfig();
        config.setPasswordCharArray("password".toCharArray());
        config.setAlgorithm("3DES");
        config.setKeyObtentionIterations("1000");
        config.setPoolSize(1);
        config.setProviderName("SunJCE");
        config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
        config.setStringOutputType("base64");
        encryptor.setConfig(config);
    }

    @Override
    public String resolvePropertyValue(String value) {
        if (value != null && value.startsWith("{cipher}")) {
            return encryptor.decrypt(value.substring("{cipher}".length()));
        }
        return value;
    }
}

}

in spring.factories -> org.springframework.cloud.bootstrap.BootstrapConfiguration=\

<packg>.PlatformEncryptionConfiguration.class

here are some logs
12:38:52.095 [main] DEBUG com.ulisesbocchio.jasyptspringboot.environment.StandardEncryptableEnvironment - Replacing PropertySource 'systemEnvironment' with 'systemEnvironment'
12:38:52.122 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Creating CGLIB proxy: target source is SingletonTargetSource for target object [org.springframework.core.env.MutablePropertySources@5a4aa2f2]
12:38:52.229 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: public void org.springframework.core.env.MutablePropertySources.addFirst(org.springframework.core.env.PropertySource)
12:38:52.229 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: public void org.springframework.core.env.MutablePropertySources.addLast(org.springframework.core.env.PropertySource)
12:38:52.229 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: public void org.springframework.core.env.MutablePropertySources.addBefore(java.lang.String,org.springframework.core.env.PropertySource)
12:38:52.229 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: public void org.springframework.core.env.MutablePropertySources.addAfter(java.lang.String,org.springframework.core.env.PropertySource)
12:38:52.229 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: public int org.springframework.core.env.MutablePropertySources.precedenceOf(org.springframework.core.env.PropertySource)
12:38:52.230 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: protected void org.springframework.core.env.MutablePropertySources.assertLegalRelativeAddition(java.lang.String,org.springframework.core.env.PropertySource)
12:38:52.230 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: protected void org.springframework.core.env.MutablePropertySources.removeIfPresent(org.springframework.core.env.PropertySource)
12:38:52.230 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: public org.springframework.core.env.PropertySource org.springframework.core.env.MutablePropertySources.remove(java.lang.String)
12:38:52.230 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: public org.springframework.core.env.PropertySource org.springframework.core.env.MutablePropertySources.get(java.lang.String)
12:38:52.230 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: public java.lang.String org.springframework.core.env.MutablePropertySources.toString()
12:38:52.230 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: public void org.springframework.core.env.MutablePropertySources.replace(java.lang.String,org.springframework.core.env.PropertySource)
12:38:52.230 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: public boolean org.springframework.core.env.MutablePropertySources.contains(java.lang.String)
12:38:52.230 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: public int org.springframework.core.env.MutablePropertySources.size()
12:38:52.230 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Unable to apply any optimizations to advised method: public java.util.Iterator org.springframework.core.env.MutablePropertySources.iterator()
12:38:52.230 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Found 'equals' method: public boolean java.lang.Object.equals(java.lang.Object)
12:38:52.230 [main] DEBUG org.springframework.aop.framework.CglibAopProxy - Found 'hashCode' method:
Ulises Bocchio
@ulisesbocchio
@Ravattailor I don’t see a full stack trace of the error. Can you please open an issue on github?
Ghost
@ghost~5b08154ed73408ce4f9ab57b
Sure
Ghost
@ghost~5b08154ed73408ce4f9ab57b
@ulisesbocchio , I have the reset branch and tried again after that I didn't get same Issue again
but have some doubt related to 3DES.
https://stackoverflow.com/questions/51240262/jasypt-3des-with-custom-prefix-suffix
can you please help me on this
Daniyar Yeralin
@yeralin

Hey, guys may I ask for help?

I added com.github.ulisesbocchio:jasypt-spring-boot-starter:1.17 to Spring Boot app. I encrypted MySQL password with test, and added this JVM arg -Djasypt.encryptor.password=test.

I start my Spring Boot app, see following logs:

2018-10-12 12:30:05 INFO  EnableEncryptablePropertiesBeanFactoryPostProcessor:48 - Post-processing PropertySource instances
2018-10-12 12:30:05 INFO  EncryptablePropertySourceConverter:38 - Converting PropertySource bootstrap [org.springframework.core.env.MapPropertySource] to EncryptableMapPropertySourceWrapper
2018-10-12 12:30:05 INFO  EncryptablePropertySourceConverter:38 - Converting PropertySource servletConfigInitParams [org.springframework.core.env.PropertySource$StubPropertySource] to EncryptablePropertySourceWrapper
2018-10-12 12:30:05 INFO  EncryptablePropertySourceConverter:38 - Converting PropertySource servletContextInitParams [org.springframework.core.env.PropertySource$StubPropertySource] to EncryptablePropertySourceWrapper
2018-10-12 12:30:05 INFO  EncryptablePropertySourceConverter:38 - Converting PropertySource jndiProperties [org.springframework.jndi.JndiPropertySource] to EncryptablePropertySourceWrapper
2018-10-12 12:30:05 INFO  EncryptablePropertySourceConverter:38 - Converting PropertySource systemProperties [org.springframework.core.env.MapPropertySource] to EncryptableMapPropertySourceWrapper
2018-10-12 12:30:05 INFO  EncryptablePropertySourceConverter:38 - Converting PropertySource systemEnvironment [org.springframework.core.env.SystemEnvironmentPropertySource] to EncryptableMapPropertySourceWrapper
2018-10-12 12:30:05 INFO  EncryptablePropertySourceConverter:38 - Converting PropertySource random [org.springframework.boot.context.config.RandomValuePropertySource] to EncryptablePropertySourceWrapper
2018-10-12 12:30:05 INFO  EncryptablePropertySourceConverter:38 - Converting PropertySource springCloudClientHostInfo [org.springframework.core.env.MapPropertySource] to EncryptableMapPropertySourceWrapper
2018-10-12 12:30:05 INFO  EncryptablePropertySourceConverter:38 - Converting PropertySource defaultProperties [org.springframework.core.env.MapPropertySource] to EncryptableMapPropertySourceWrapper

But when I try to resolve my MySQL pwd:

@Value("${spring.datasource.password}")
private String password;

It never decrypts it, it is resolved as ENC(...) instead of decrypted password.

I'm very close, and I feel like I'm missing something

Daniyar Yeralin
@yeralin
resolved by upgrading to 1.18