We're using Jasypt to encrypt some config properties (database passwords) but since the decryption key is stored on each environment's file system we have to do some manual @Bean
configuration to load the password from the file then overlay loading properties with an EncryptablePropertiesPropertySource
.
Because it is so manual we've had to run this code in @PostConstruct
of the WebApplicationConfig
class and (although this hasn't happened yet) it runs the risk of loading these after the datasource bean is configured with calls to the Environment
- giving null pointer exception. @Lazy
loading would be an option but obviously this means we'd then be working with fragile config which we'd like to avoid.
Ultimately we want to be able to use the default classpath:application.properties
so don't want to affect existing (default) setup, but we do want to be able to use an encryptable property source as a complete replacement to the Spring one, and to have Spring load the decryption code from a file before anything else happens. Is there a way to tighter integrate loading encryptable properties earlier in the application startup and configuration?