Secure Your Data with MyBatis‑Plus 3.3.2: New Encryption Features Explained

MyBatis‑Plus 3.3.2 Released – New Elegant Data‑Security Measures

What is MyBatis‑Plus

MyBatis‑Plus (MP) is an enhancement tool for MyBatis that adds features without changing the core, aiming to simplify development and improve efficiency.

Our vision is to become the best partner for MyBatis, like the 1P/2P duo in Contra, doubling efficiency.

Configuring Security

Data‑security protection aims to safeguard database configuration and data, limiting the risk of sensitive information leakage caused by developer turnover.

YML configuration:

// Encryption configuration: mpw: prefix followed by encrypted content (not limited to DB config)
spring:
  datasource:
    url: mpw:qRhvCwF4GOqjessEB3G+a5okP+uXXr96wcucn2Pev6BfaoEMZ1gVpPPhdDmjQqoM
    password: mpw:Hzy5iliJbwDHhjLs1L0j6w==
    username: mpw:Xb+EgsyuYRXw7U7sBJjBpA==

Key Encryption

// Generate a 16‑byte random AES key
String randomKey = AES.generateRandomKey();

// Encrypt with random key
String result = AES.encrypt(data, randomKey);

// Usage as Jar startup parameter (IDEA Program arguments)
--mpw.key=d1104d7c2b606f0b

Note!

Encrypted configuration must start with the mpw: prefix. Keep the random key securely; the fewer people who know it, the better.

Changelog

Pagination parameter extraction, unit test fixes

Support for DM and Microsoft database code‑generator table filtering

Fix code‑generator property field rule errors

SelectById now supports custom method names

Fix pagination plugin database type detection

JSON converter null‑value handling

Add AES encryption for DB username and password

Improve generic method parameters support

In the next article we will share the design and implementation of configuration file encryption and decryption.