Fork me on GitHub

Example Settings4j

An example how secured-properties can be used with Spring-Boot.


Spring-Boot has a nice clear definition how an application should be configured.

typically configurations are place in file:./ or file:./config/

Limitation: Property-files in classpath cannot be modified, and YAML variants are not supported to auto-encrypt values by secured-properties for now.

Implementation Pattern

It is recommended to create a simple Helper class to initial encrypt values in the propoerty files and decrypt the values on demand where you need it.

Typically spring-boot config

In Spring-Boot you can simpley annotate a simple POJO with @ConfigurationProperties for application-configurations

Like the following Example:

@ConfigurationProperties(prefix = "")
public class SpringBootTestProperties {
    private String anotherSecretPassword;
    private String mySecretPassword;

    public String getAnotherSecretPassword() {
        return anotherSecretPassword;

The complete code is in

Secured Properties Helper

The Helper contains your secured-properties configuration and can be used to initial encrypt unencrypted values in the propoerty files and decrypt the values on demand where you need it.

import net.brabenetz.lib.securedproperties.SecuredProperties;
import net.brabenetz.lib.securedproperties.SecuredPropertiesConfig;


public class SpringBootSecuredPropertiesHelper {
    // Here you should look if you maybe need a custom config:
    private static final SecuredPropertiesConfig config = new SecuredPropertiesConfig().initDefault();

    // the same property files which are supported by spring-boot:
    private static File[] propertyFiles = new File[] {new File("./config/"), new File("./")};

    public static void encryptProperties(String... keys) {
        SecuredProperties.encryptNonEncryptedValues(config, propertyFiles, keys);

    public static String decrypt(String value) {
        if (SecuredProperties.isEncryptedValue(value)) {
            return SecuredProperties.decrypt(config, value);
        return value;


The complete code is in

The Spring-Boot Starter Application

A spring-Boot application has a starter-class where you can directly decrypt values in the property-files if needed before it is used by spring.

public class SpringBootStarterApplication {

    public static void main(String[] args) {
        securePasswords();, args);

    private static void securePasswords() {
        // this will encrypt the given properties if there are not already encrypted:

The complete code is in

Some Service-Class

Now you can decrypt the values of your Properties class whereever you need it.

public class SpringBootTestService {

    private SpringBootTestProperties testProperties;

    public void runHelloworld() {
        // decrypt the password as late as possible:
        System.out.println("MySecretPassword: " + SpringBootSecuredPropertiesHelper.decrypt(testProperties.getMySecretPassword()));

The complete code is in