search

ulisesbocchio / jasypt-spring-boot

Jasypt integration for Spring boot
MIT License
2.87k stars 514 forks source link

Spring Cloud Config Client with 4.0.1 with Jasypt 3.0.5 does not decrypt the credentials for the Spring Cloud Config Server on startup #357

Closed saurabhsule82 closed 1 year ago

saurabhsule82 commented 1 year ago

I'm trying to using Jasypt 3.0.5 in our Spring Cloud Config Client based on 4.0.1 release (Spring 6.0.5 release) so that I can encrypt the credentials for the Spring Cloud Config Server in the client's application.properties file. I've written the client based on the examples provided and I see that the credentials are not decrypted when the client is executed. As a result the connection fails. I'm unable to find a way where the credentials are decrypted before they are used by the client to make a connection to the config server. Encrypting any other custom property in the application.properties works well.

Here is my sample code:

//////////////////////////

import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.CommandLineRunner; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.core.env.Environment;

import com.ulisesbocchio.jasyptspringboot.annotation.EnableEncryptableProperties;

@SpringBootApplication @EnableEncryptableProperties public class ConfigServerSampleClient implements CommandLineRunner {

@Autowired
private Environment env;

public static void main(String[] args) throws Exception {
    SpringApplication.run(ConfigServerSampleClient.class, args);
}

}

//////////////////////

Here is my application.properties file:

spring.profiles.active=test

spring.application.name=config-client

spring.config.import=configserver:https://localhost:8443/config-server/

spring.cloud.config.username=ENC(ESbGS75MjvgICT/bPDwk/vTo2ZBVTnqQkpyoGNP/WohJobV653/UswcirTRVP5aQ)

spring.cloud.config.password=ENC(oCirYOlGhC9yQRVLe+WXGfPvRokLH5t/12182FmtAuHvcLNIwA3JEprsUBUYlEcL)

Any help is really appreciated.

saurabhsule82 commented 1 year ago

I resolved the issue. Here is what I had to do to implement Jasypt encryption in Spring Cloud Config Client which basically is a Spring Boot Application that acts as client for Spring Cloud Config Server:

  1. Inside my pom.xml, I had to import following dependencies:

    org.springframework.cloud spring-cloud-starter-config 
    <dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-bootstrap</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>3.0.5</version>
</dependency>
<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot</artifactId>
    <version>3.0.5</version>
</dependency>

  2. In my main class, I made two changes: Earlier (not working): @SpringBootApplication @@EnableEncryptableProperties public class ConfigServerSampleClient implements CommandLineRunner { public static void main(String[] args) throws Exception { SpringApplication.run(ConfigServerSampleClient.class, args); } } Now (working): @SpringBootApplication public class ConfigServerSampleClient implements CommandLineRunner { public static void main(String[] args) throws Exception { new SpringApplicationBuilder() .environment(new StandardEncryptableEnvironment()) .sources(ConfigServerSampleClient.class).run(args); } }