codingstuff.io
ExploreTutorialsProblemsCS Subjects
Get Started
ExploreTutorialsProblemsCS Subjects
Get Started
codingstuff.io

Master the art of building software through interactive tutorials, real-world problems, and guided projects.

Pune, Maharashtra, India

codingstuffmail@gmail.com

Product

  • Explore
  • Tutorials
  • Problems
  • CS Subjects

Company

  • About
  • Contact
  • Privacy Policy
  • Terms & Conditions
  • Sitemap

© 2026 codingstuff.io. All rights reserved.

Built with ❤️ for developers everywhere

/
/
All Tutorials
🍃

Spring Boot

58 / 62 topics
56Security Basics in Spring Boot57CSRF Protection in Spring Boot58Data Encryption in Spring Boot59Audit Logging in Spring Boot
Tutorials/Spring Boot/Data Encryption in Spring Boot
🍃Spring Boot

Data Encryption in Spring Boot

Updated 2026-05-15
10 min read

Data Encryption in Spring Boot

Introduction

In today's digital age, securing sensitive data is of paramount importance. Spring Boot provides robust security features that can be leveraged to encrypt and protect your application’s data. This tutorial will guide you through the process of encrypting sensitive data using Spring Security.

Concept

Spring Security offers several mechanisms for data encryption, including symmetric and asymmetric encryption. Symmetric encryption uses the same key for both encryption and decryption, while asymmetric encryption uses a pair of keys: a public key for encryption and a private key for decryption.

In this tutorial, we will focus on symmetric encryption using Spring Security's DataEncryptor interface. This approach is suitable for encrypting sensitive data such as passwords or credit card numbers stored in your database.

Examples

Step 1: Add Dependencies

First, ensure that you have the necessary dependencies in your pom.xml file if you are using Maven:

XML
1<dependencies>
2 <dependency>
3 <groupId>org.springframework.boot</groupId>
4 <artifactId>spring-boot-starter-security</artifactId>
5 </dependency>
6 <dependency>
7 <groupId>org.springframework.security</groupId>
8 <artifactId>spring-security-crypto</artifactId>
9 </dependency>
10</dependencies>

Step 2: Configure Encryption

Next, we need to configure the encryption in our Spring Boot application. We will create a configuration class that sets up a DataEncryptor bean.

Java
1import org.springframework.context.annotation.Bean;
2import org.springframework.context.annotation.Configuration;
3import org.springframework.security.crypto.encrypt.Encryptors;
4import org.springframework.security.crypto.encrypt.TextEncryptor;
5
6@Configuration
7public class EncryptionConfig {
8
9 @Bean
10 public TextEncryptor textEncryptor() {
11 return Encryptors.text("encryptionPassword", "salt");
12 }
13}

In this example, "encryptionPassword" is the secret key used for encryption and decryption, and "salt" is a random value that adds an additional layer of security.

Step 3: Use Encryption in Your Application

Now that we have configured the encryption, let's see how to use it in our application. We will create a simple service class that encrypts and decrypts sensitive data.

Java
1import org.springframework.beans.factory.annotation.Autowired;
2import org.springframework.security.crypto.encrypt.TextEncryptor;
3import org.springframework.stereotype.Service;
4
5@Service
6public class EncryptionService {
7
8 private final TextEncryptor textEncryptor;
9
10 @Autowired
11 public EncryptionService(TextEncryptor textEncryptor) {
12 this.textEncryptor = textEncryptor;
13 }
14
15 public String encrypt(String data) {
16 return textEncryptor.encrypt(data);
17 }
18
19 public String decrypt(String encryptedData) {
20 return textEncryptor.decrypt(encryptedData);
21 }
22}

Step 4: Test the Encryption

Finally, let's test our encryption service. We will create a simple REST controller to demonstrate how to encrypt and decrypt data.

Java
1import org.springframework.beans.factory.annotation.Autowired;
2import org.springframework.web.bind.annotation.PostMapping;
3import org.springframework.web.bind.annotation.RequestBody;
4import org.springframework.web.bind.annotation.RequestMapping;
5import org.springframework.web.bind.annotation.RestController;
6
7@RestController
8@RequestMapping("/encryption")
9public class EncryptionController {
10
11 private final EncryptionService encryptionService;
12
13 @Autowired
14 public EncryptionController(EncryptionService encryptionService) {
15 this.encryptionService = encryptionService;
16 }
17
18 @PostMapping("/encrypt")
19 public String encrypt(@RequestBody String data) {
20 return encryptionService.encrypt(data);
21 }
22
23 @PostMapping("/decrypt")
24 public String decrypt(@RequestBody String encryptedData) {
25 return encryptionService.decrypt(encryptedData);
26 }
27}

Testing the Endpoints

You can test the endpoints using a tool like Postman or curl. Here’s how you can encrypt and decrypt data:

Terminal
curl -X POST http://localhost:8080/encryption/encrypt -H "Content-Type: application/json" -d '"sensitiveData"'
Output
"encryptedData"
Terminal
curl -X POST http://localhost:8080/encryption/decrypt -H "Content-Type: application/json" -d '"encryptedData"'
Output
"sensitiveData"

What's Next?

After mastering data encryption, you might want to explore other security features in Spring Boot, such as audit logging. This will help you keep track of who accessed your application and what actions they performed.

By following this tutorial, you should now have a good understanding of how to encrypt sensitive data using Spring Security. Remember to always secure your keys and salts properly to maintain the integrity of your encryption mechanism.


PreviousCSRF Protection in Spring BootNext Audit Logging in Spring Boot

Recommended Gear

CSRF Protection in Spring BootAudit Logging in Spring Boot