In my spring boot application, I want jasypt to decrypt injected properties in all components but one.
I find jasypt automatic encryption/decryption handy, but in my SecurityConfig
I want to get the encrypted values, and decrypt them later.
How can I disable jasypt decryption for one property or one class?
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${password}")
private String password;// <= this field will contain the decrypted password, but should contain the encrypted password
}
There is a workaround: Write this in your application.properties:
password=ENC_X(1234)
And replace ENC_X
to ENC
, when injecting the property:
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Value("#{'${password}'.replaceFirst('^ENC_X','ENC')}")
private String password;// <= this field will contain 'ENC(1234)' (unencrypted)
}