Closed spring-projects-issues closed 12 months ago
Thanks for the suggestion but that's the wrong place to request this. The core framework is really about providing building blocks that the rest of the portfolio leverages to build higher-level features. See this section of the Spring Boot ref guide.
member sound opened SPR-17303 and commented
Spring-Cloud has a feature to encrypt values in
application.properties
with a "{cipher}". But that requires the usage of a private keystore, and the installation of JCE java. Which is way too much if your intention is eg to just hide sensitive passwords from GIT.So spring lacks a simple properties encryption feature.
It would be nice to add such a feature, similar to
jasypt
: https://github.com/ulisesbocchio/jasypt-spring-bootWith Jasypt, properties can be stored as:
my.property=ENC(<encodedvalue>)
Then by simply providing an environment variable, or java vararg, the encrypted values are decrypted by a PropertySource PostProcessor.
Yet I don't know if spring-cloud is the correct library for such a basic feature. Or maybe spring-security? But it would be very helpful having that feature integrated in spring officially.
No further details from SPR-17303