Quick Jasypt Spring 3 Tutorial

This is a quick tutorial on setting up Jasypt with Spring 3. You will need to be familiar with Maven and m2e to follow the steps below.

1. Create a new Maven Project using the Eclipse New Wizard. When prompted for the archetype, pick the spring-mvc-jpa-archetype. This will give us a running Spring MVC web application.

2. Enter com.teamextension for the groupId. Enter quickjasypt for the artifactId. Enter com.teamextension.quickjasypt for the package. Hit Finish.

3. Right click on the quickjasypt project and go to Maven -> Add Dependency. Enter the groupId org.jasypt and the artifactId jasypt. This adds the Jasypt library to our Spring MVC application.

4. Edit src/main/webapp/WEB-INF/spring/db.xml. Remove the existing placeHolderConfig bean and add the beans:

  1. EnvironmentStringPBEConfig
  2. StandardPBEStringEncryptor
  3. EncryptablePropertyPlaceholderConfigurer
<bean id="encryptorConfig" class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
  	<property name="algorithm" value="PBEWithMD5AndDES" />
  	<property name="passwordEnvName" value="PASSWORD_ENV_VARIABLE" />

<bean id="encryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
	<property name="config" ref="encryptorConfig" />

<bean class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer">
	<constructor-arg ref="encryptor" />
	<property name="locations">

5. Open src/main/resources/db.properties and you will see the password is in plain text. Now let’s use Jasypt to encrypt our passwords.

6. Download and unzip the Jasypt distribution, then open a command line at at the bin directory. Encrypt the password by running

encrypt input="database password" password="master password" algorithm="PBEWITHMD5ANDDES"

7. Copy the output of the encrypt command and update the password in db.properties. Enclose the encrypted password with ENC().


8. In the runtime/deployment environment, make sure an environment variable PASSWORD_ENV_VARIABLE=master password is set. This is the master password entered in the encrypt command. Note that the PASSWORD_ENV_VARIABLE is specified in the encryptorConfig bean in db.xml.

For more information, please visit the Jasypt with Spring Framework page.

No Comments

Leave a Reply

Your email address will not be published. Required fields are marked *