Sunday, November 19, 2017

Encrypting sensitive data in Spring application.properties file

If you want to encrypt passwords, keys and other sensitive information in your application.properties file, then you have a nifty solution from an open source encryption library called as Jasypt.

We begin by adding the maven dependency of jasypt-spring-boot-starter to our Spring Boot application. The steps involved in integrating Jasypt into your Spring Boot application is as follows:

1. First using Jasypy and a secret password, created encrypted tokens of all sensitive information.

2. Put this encrypted token in your properties file with the value enclosed with string 'ENC' - e.g. password=ENC(encrypted-token)

3. Retrieve your properties in Spring classes the same old way - e.g. using the @Value annotation or env.getProperty() method.

A good example explaining this is here - https://www.ricston.com/blog/encrypting-properties-in-spring-boot-with-jasypt-spring-boot/  with source code available here.