jasypt-spring-boot: Failed to bind properties under 'spring.datasource.password' to java.lang.String`

getting several errors I have tried setting this up with first option it says

"encryptable properties will be enabled across the entire Spring Environment "

I am not sure where to put the password or how it knows what the password is to decrypt it

I have the encoded input in my property file like so

spring.datasource.password=ENC(du+QBwMsZb4kXSQI/eIL1RU46vtOgYZU)

Caused by: org.springframework.boot.context.properties.bind.BindException: Failed to bind properties under 'spring.datasource.password' to java.lang.String

Caused by: org.springframework.cache.Cache$ValueRetrievalException: Value for key 'spring.datasource.password' could not be loaded using 'com.ulisesbocchio.jasyptspringboot.caching.CachingDelegateEncryptablePropertySourc

Caused by: java.lang.IllegalStateException: either 'jasypt.encryptor.password' or one of ['jasypt.encryptor.privateKeyString', 'jasypt.encryptor.privateKeyLocation'] must be provided for Password-based or Asymmetric encryption

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Comments: 30 (4 by maintainers)

Most upvoted comments

If you were using default config before 3.0.0 (Major release, breaking changes) you need to set:

jasypt:
  encryptor:
    algorithm: PBEWithMD5AndDES
    iv-generator-classname: org.jasypt.iv.NoIvGenerator

Since the default algorithm changed, to keep your encrypted properties. Otherwise, you have to re-encrypt your properties.

+30
ulisesbocchio on Dec 30, 2019

Hey guys… I faced the same problem as you all… I managed to make it work by doing the following:

  • 1st: encrypt your password using PBEWithMD5AndTripleDES algorithm, example: ./encrypt.sh input="admin123" password=<myEncryptionPassword> algorithm=PBEWithMD5AndTripleDES

  • 2st: After doing that, in your application.properties include these properties:

jasypt.encryptor.password=<yourPassword>
jasypt.encryptor.iv-generator-classname=org.jasypt.iv.NoIvGenerator
jasypt.encryptor.algorithm=PBEWithMD5AndTripleDES

It worked fine for me. Im using: jasypt-spring-boot-starter 3.0.3 spring-boot 2.4.2

Hope that help you guys. Cheers

+10
costalopes71 on Feb 23, 2021

I also faced the same issue. Today i tried using spring boot jasypt library for password encryption and was continuously facing the same issue. I was using version 3.0.0. I am using jasypt 1.9.3 dist. When i was going through this post to resolve my issue and when i particularly read @afrancis-incomm comment i tried changing my version from 3.0.0 to 2.1.2(downgraded) and it worked. So it seems the issue is in 3.0.0. I also gone through the jasypt-spring-boot-demo demos to find a solution given by @ulisesbocchio. The reason why this demo works may be is the version of the dependency. May be if the version points to 3.0.0 the demo may not work. Please help us with this!

+3
Gopinath2409 on Dec 26, 2019

Hey guys… I faced the same problem as you all… I managed to make it work by doing the following:

  • 1st: encrypt your password using PBEWithMD5AndTripleDES algorithm, example: ./encrypt.sh input="admin123" password=<myEncryptionPassword> algorithm=PBEWithMD5AndTripleDES
  • 2st: After doing that, in your application.properties include these properties:
jasypt.encryptor.password=<yourPassword>
jasypt.encryptor.iv-generator-classname=org.jasypt.iv.NoIvGenerator
jasypt.encryptor.algorithm=PBEWithMD5AndTripleDES

It worked fine for me. Im using: jasypt-spring-boot-starter 3.0.3 spring-boot 2.4.2 Hope that help you guys. Cheers

This works, but the issue is that the password is now in application.properties. We don’t want that for security reasons, that’s why we use jasypt in the first place. Might as well not use jasypt at all then…

Good evening @BasBastiaansen, Yes, I added the password, algorithm and the generator in my application.properties. But I added their values loading from system enviroment variables. In my case, this was enough.

Example of my application.properties:

#SERVER CONFIGURATIONS
server.port=443
server.ssl.key-store-password=ENC(ENCRYPTED_VALUE)
server.ssl.key-store=ENC(ENCRYPTED_VALUE)
server.ssl.key-store-type=ENC(ENCRYPTED_VALUE)
server.ssl.key-alias=ENC(ENCRYPTED_VALUE)
http.port=80

#JASYPT
jasypt.encryptor.password=${JASYPT_ENCRYPTOR_PASSWORD:}
jasypt.encryptor.iv-generator-classname=${JASYPT_ENCRYPTOR_CLASSNAME:}
jasypt.encryptor.algorithm=${JASYPT_ENCRYPTOR_ALGORITHM:}

Hope I could help, Cheers

Yes, this should do it, thanks!

+2
BasBastiaansen on Jul 29, 2021

@ulisesbocchio I am also facing same issue while trying to use with spring security Configuration details as follows: application.properties

spring.security.user.name=user
spring.security.user.password=ENC(BcvdJW/La/AVFGjh3Yhm9Q==)
spring.security.user.roles=USER

Dependency:

<dependency>
  <groupId>com.github.ulisesbocchio</groupId>
  <artifactId>jasypt-spring-boot-starter</artifactId>
  <version>3.0.2</version>
</dependency>

Error:

***************************
APPLICATION FAILED TO START
***************************
Description:
Failed to bind properties under 'spring.security.user.password' to java.lang.String:
Reason: Failed to bind properties under 'spring.security.user.password' to java.lang.String
Action:
Update your application's configuration

I am passing VM Option argument as follows: -Djasypt.encryptor.password=helloworld

Note: As Gopinath2409 has mentioned - If I downgrade it to version 2.0.0 It works fine. Thank you.

+2
mananvyas on Apr 13, 2020
Read more comments on GitHub
← jasypt-spring-boot: Application fails to start with StackOverflowError
cameradar: Build failure: `curl version is too low` →