Closed jmardis10 closed 6 years ago
ulisesbocchio
commented
6 years ago I don't think putting application.yml or bootstrap.yml in the same folder as the jar does anything. You have to add those files in the root of the classpath. Another thing you can do is override the properties via command line arguments or system properties. Every single property in spring can be overridden this way, check out the properties config docs for spring boot.
jmardis10
commented
6 years ago Spring boot reads the yml file that is in the same directory and it has higher precedence. Like I said before i added logging in my application to ensure it was getting the updated password value. I don't think this is the issue, but I will try setting the password via command line tomorrow. Thanks.
ulisesbocchio
commented
6 years ago should be fixed in 1.17
Hi,
I am using jasypt 1.16 version and spring boot 1.5.7 version. I believe this is similar to the bootsrap.properties issue that is open. In my Spring cloud config client, I have below configuration in bootstrap.yml
test: client: clientId: client clientSecret: ENC(encrypted_pass) accessTokenUri: url grantType: client_credentials
spring: profiles: active: test application: name: testApp cloud: config: uri: url enabled: false fail-fast: false
jasypt: encryptor: password: test
When I run my project locally it decrypts fine. I can change the encrypted value with different passwords and everything works as intended. The problem comes when I package and deploy my jar and place a bootstrap.yml file in the same directory as the jar file. If I use the same password in the outside yml file that was set when i packaged my jar everything is fine, for example test in this case. I can run the encrypt script from the jasypt command line tools with this password and the application will decrypt the newly encrypted value, but if I run the encrypt script to encrypt a value with a different password the application gets the EncryptionOperationNotPossibleException. I ensured that I could decrypt the encrypted value using the decrypt script in the command line tools and ensured the application had the same algorithm set that was run in the encrypt script. Why would the encryption/decryption only work with the outside bootstrap.yml if it uses the same password that is in the bootstrap.yml file that was packaged in the jar file of the application? I adding a log statement to make sure my application is grabbing the password in the outside jar and it is. It seems like something in the jasypt library is grabbing the wrong configured password. Shouldn't the outside bootsrap.yml overwrite what is inside the jar?Can someone please take a look at this?