We are using spring 4 place holder feature
<context:property-placeholder location="classpath:/configs/*.properties,classpath:/configs/specific/*-config.properties" />
The property files:
##sample.properties
user=admin
password=123
We try to encrypt the password in the property file. So the property file will be
##sample.properties
user=admin
password=ENC(RE%%$XC)
I found that the spring has forecast this. As mentioned in http://docs.spring.io/spring/docs/current/javadoc-api/org/springframework/beans/factory/config/PropertyResourceConfigurer.html the convertPropertyValue
method has been documented as:
Convert the given property value from the properties source to the value which should be applied.
The default implementation simply returns the original value. Can be overridden in subclasses, for example to detect encrypted values and decrypt them accordingly.
But I don't know how to use it ?! I tried to define a new bean:
<bean class="foo.bar.security.DecryptPropertyConfigurer">
<property name="locations">
<list>
<value>classpath:/configs/*.properties</value>
<value>classpath:/configs/bsi/*-config.properties</value>
</list>
</property>
</bean>
And
public class DecryptPropertyConfigurer extends PropertySourcesPlaceholderConfigurer {
@Override
protected String convertPropertyValue(String originalValue){
//if value is between ENC() then decrypt it
//return originalValue or decrypted value;
}
}
When I set break point at convertPropertyValue
it seems that it is never called.
The http://romiawasthy.blogspot.com/2012/02/encryptdecrpt-properties-in-spring.html contains some good info but did not help me.
This seems to be a bug in spring https://jira.spring.io/browse/SPR-8928.
As a commented workaround there, one can use doProcessProperties
as
protected void doProcessProperties(ConfigurableListableBeanFactory beanFactoryToProcess, final StringValueResolver valueResolver) {
super.doProcessProperties(beanFactoryToProcess,
new StringValueResolver() {
@Override
public String resolveStringValue(String strVal) {
return convertPropertyValue(valueResolver.resolveStringValue(strVal));
}
}
);
}
Credits to Michael Gallag