Data Security Protection

Mongo-Plus provides data security protection features designed to prevent sensitive information leaks caused by developer turnover. Starting from version 2.1.4, Mongo-Plus supports enhanced database security through encrypted configuration.

Configuration Encryption

Mongo-Plus allows you to use encrypted strings to configure database connection information. In configuration files, items within ${ENC:} are treated as encrypted content.

yaml

mongo-plus:
  data:
    mongodb:
      username: ${ENC:e5fc2ecf9aeb079bd1fdebf1e189e0e7}
      password: ${ENC:e9b75f44fe5e83c26d50935429e5d285aec14ae224abe9d08a3e2cab9308732e}

Key Encryption

Use AES algorithm to generate random keys and encrypt sensitive data.

java

public static void main(String[] args) throws Exception {
    String secretKey = AESExample.generateRandom();
    String encryptedData = encrypt("data", secretKey);
    System.out.println("Ciphertext："+encryptedData);
}

How to Use

Pass the key through command line arguments or environment variables when starting the application.

java

// Jar startup parameter example (set as Program arguments in IDEA, or as startup environment variables on server)
--mpw.key=rhNFcgdak7P4qDBm
// Unit test parameter example
@SpringBootTest(args = "--mpw.key=rhNFcgdak7P4qDBm")

注意

Encrypted content must be wrapped with ${ENC:}
The random key should be properly kept by the responsible person, and the fewer people who know it, the better.

Data Security Protection ​

Configuration Encryption ​

Key Encryption ​

How to Use ​

Data Security Protection

Configuration Encryption

Key Encryption

How to Use