Hey Team,
As a bunch of adopters we use Jasypt which provides a very handy way to decrypt marked properties (e.g. foo=encoded(12b1412)) given a decryptor bean.
Doing this from the outside forces Jasypt to decorate original property sources via a proxy or wrapper that might lose the original type. For instance OriginLookup from Spring Boot is lost in translation, also some optimizations, SystemEnvironment awareness etc.
Would it be possible to add an interceptor for property resolution so we can do this kind of post processing, and why not some metrics as well if needed (lookup counts) etc.
Comment From: philwebb
@mp911de Might be interested in this for spring-vault
Comment From: bclozel
We discussed this issue and it seems that this use case can be implemented using:
- a specific
PropertySource(see Spring Vault) - use an
ApplicationContextInitializerto add a custom converter to theConversionService(if encrypted keys can be detected)
We're closing this issue as a result. We can revisit this decision if the existing solutions are not enough.