SpringBoot中安全的设置阿里云日志SLS的accessKey

  众所周知,阿里云的服务都是基于accesskeyId和accesskeySecret来进行身份鉴权的,但唯独日志因为需要写入到.xml文件里对于accesskeyId和accesskeySecret需要进行一定程度的改进,尤其是使用了jasypt进行加密的参数传递进去logback.xml更是会遇到需要对参数进行解密的问题,而官网只有简单粗略的带过如何自定义传入accessKey,以下由我来说一下我的改造计划. 

1.首先需要引入阿里云日志SLS和jasypt相关Maven包

 
        com.github.ulisesbocchio
        jasypt-spring-boot-starter
        3.0.3


 
        com.google.protobuf
        protobuf-java
        2.5.0



        com.aliyun.openservices
        aliyun-log-logback-appender
        0.1.29

2.自定义 jasypt.encryptor.password 密码并创建自定义jasypt的bean(务必先自定义jasypt密码),然后放入环境变量中或者你偷懒直接先写死在代码里,在环境变量中通过System.getenv来获取

import org.jasypt.encryption.StringEncryptor;
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.jasypt.iv.RandomIvGenerator;
import org.jasypt.salt.RandomSaltGenerator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class JasyptConfig {
    @Bean("jasyptStringEncryptor")
    public StringEncryptor stringEncryptor(){
        StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
        encryptor.setAlgorithm("PBEWithMD5AndDES");
        encryptor.setIvGenerator(new RandomIvGenerator());
        encryptor.setSaltGenerator(new RandomSaltGenerator());
        encryptor.setStringOutputType("base64");
        encryptor.setPassword(System.getenv("jasypt.e