From 0ba365dabc3c18a7b07eaec05c17a8848642e78f Mon Sep 17 00:00:00 2001 From: Charles7c Date: Fri, 25 Jul 2025 21:43:13 +0800 Subject: [PATCH] =?UTF-8?q?feat(security/crypto):=20=E6=96=B0=E5=A2=9E?= =?UTF-8?q?=E5=AF=86=E7=A0=81=E7=BC=96=E7=A0=81=E5=99=A8=E9=85=8D=E7=BD=AE?= =?UTF-8?q?=EF=BC=88=E7=94=B1=E5=8E=9F=20security/password=20=E6=A8=A1?= =?UTF-8?q?=E5=9D=97=E8=9E=8D=E5=90=88=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 4 +- continew-starter-bom/pom.xml | 6 -- .../core/constant/PropertiesConstants.java | 5 -- .../continew-starter-security-crypto/pom.xml | 13 ++- .../CryptoAutoConfiguration.java | 34 ++++++++ .../autoconfigure/CryptoProperties.java | 15 ++++ .../PasswordEncoderProperties.java | 7 +- .../encryptor/PasswordEncoderEncryptor.java | 2 +- .../enums/PasswordEncoderAlgorithm.java | 2 +- .../exception/PasswordEncodeException.java | 2 +- .../crypto}/util/PasswordEncoderUtil.java | 6 +- .../pom.xml | 25 ------ .../PasswordEncoderAutoConfiguration.java | 87 ------------------- ...ot.autoconfigure.AutoConfiguration.imports | 1 - .../src/main/resources/default-password.yml | 6 -- continew-starter-security/pom.xml | 5 +- 16 files changed, 67 insertions(+), 153 deletions(-) rename continew-starter-security/{continew-starter-security-password/src/main/java/top/continew/starter/security/password => continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto}/autoconfigure/PasswordEncoderProperties.java (79%) rename continew-starter-security/{continew-starter-security-password/src/main/java/top/continew/starter/security/password => continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto}/enums/PasswordEncoderAlgorithm.java (96%) rename continew-starter-security/{continew-starter-security-password/src/main/java/top/continew/starter/security/password => continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto}/exception/PasswordEncodeException.java (95%) rename continew-starter-security/{continew-starter-security-password/src/main/java/top/continew/starter/security/password => continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto}/util/PasswordEncoderUtil.java (95%) delete mode 100644 continew-starter-security/continew-starter-security-password/pom.xml delete mode 100644 continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/autoconfigure/PasswordEncoderAutoConfiguration.java delete mode 100644 continew-starter-security/continew-starter-security-password/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports delete mode 100644 continew-starter-security/continew-starter-security-password/src/main/resources/default-password.yml diff --git a/README.md b/README.md index 71a10924..28472fd7 100644 --- a/README.md +++ b/README.md @@ -167,9 +167,9 @@ continew-starter │ └─ continew-starter-data-mf(MyBatis Flex) ├─ continew-starter-security(安全模块) │ ├─ continew-starter-security-crypto(加密:字段加解密) -│ ├─ continew-starter-security-xss(XSS 过滤) │ ├─ continew-starter-security-mask(脱敏:JSON 数据脱敏) -│ └─ continew-starter-security-password(密码编码器) +│ ├─ continew-starter-security-xss(XSS 过滤) +│ └─ continew-starter-security-sensitivewords(敏感词) ├─ continew-starter-ratelimiter(限流模块) ├─ continew-starter-idempotent(幂等模块) ├─ continew-starter-trace(链路追踪模块) diff --git a/continew-starter-bom/pom.xml b/continew-starter-bom/pom.xml index d4e6dbb5..e96ed5b0 100644 --- a/continew-starter-bom/pom.xml +++ b/continew-starter-bom/pom.xml @@ -104,12 +104,6 @@ ${revision} - - - top.continew.starter - continew-starter-security-password - ${revision} - top.continew.starter diff --git a/continew-starter-core/src/main/java/top/continew/starter/core/constant/PropertiesConstants.java b/continew-starter-core/src/main/java/top/continew/starter/core/constant/PropertiesConstants.java index d7f5d45b..d1333e5a 100644 --- a/continew-starter-core/src/main/java/top/continew/starter/core/constant/PropertiesConstants.java +++ b/continew-starter-core/src/main/java/top/continew/starter/core/constant/PropertiesConstants.java @@ -54,11 +54,6 @@ public class PropertiesConstants { */ public static final String SECURITY = CONTINEW_STARTER + StringConstants.DOT + "security"; - /** - * 安全-密码编解码配置 - */ - public static final String SECURITY_PASSWORD = SECURITY + StringConstants.DOT + "password"; - /** * 安全-加/解密配置 */ diff --git a/continew-starter-security/continew-starter-security-crypto/pom.xml b/continew-starter-security/continew-starter-security-crypto/pom.xml index 6a942f1b..4b0ca8cc 100644 --- a/continew-starter-security/continew-starter-security-crypto/pom.xml +++ b/continew-starter-security/continew-starter-security-crypto/pom.xml @@ -16,19 +16,18 @@ ContiNew Starter 安全模块 - 加密 - - - top.continew.starter - continew-starter-security-password - true - - cn.hutool hutool-crypto + + + org.springframework.security + spring-security-crypto + + com.baomidou diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoAutoConfiguration.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoAutoConfiguration.java index 50e8a255..272d80d8 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoAutoConfiguration.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoAutoConfiguration.java @@ -25,11 +25,20 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.PropertySource; +import org.springframework.security.crypto.factory.PasswordEncoderFactories; +import org.springframework.security.crypto.password.DelegatingPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; import top.continew.starter.core.constant.PropertiesConstants; import top.continew.starter.core.util.GeneralPropertySourceFactory; +import top.continew.starter.core.util.validation.CheckUtils; +import top.continew.starter.security.crypto.enums.PasswordEncoderAlgorithm; import top.continew.starter.security.crypto.mybatis.MyBatisDecryptInterceptor; import top.continew.starter.security.crypto.mybatis.MyBatisEncryptInterceptor; import top.continew.starter.security.crypto.util.EncryptHelper; +import top.continew.starter.security.crypto.util.PasswordEncoderUtil; + +import java.util.HashMap; +import java.util.Map; /** * 加/解密自动配置 @@ -69,6 +78,31 @@ public class CryptoAutoConfiguration { return new MyBatisDecryptInterceptor(); } + /** + * 密码编码器配置 + * + * @see DelegatingPasswordEncoder + * @see PasswordEncoderFactories + */ + @Bean + @ConditionalOnMissingBean + @ConditionalOnProperty(prefix = PropertiesConstants.SECURITY_CRYPTO + ".password-encoder", name = PropertiesConstants.ENABLED, havingValue = "true") + public PasswordEncoder passwordEncoder() { + PasswordEncoderProperties passwordEncoderProperties = properties.getPasswordEncoder(); + Map encoders = new HashMap<>(); + encoders.put(PasswordEncoderAlgorithm.BCRYPT.name().toLowerCase(), PasswordEncoderUtil + .getEncoder(PasswordEncoderAlgorithm.BCRYPT)); + encoders.put(PasswordEncoderAlgorithm.SCRYPT.name().toLowerCase(), PasswordEncoderUtil + .getEncoder(PasswordEncoderAlgorithm.SCRYPT)); + encoders.put(PasswordEncoderAlgorithm.PBKDF2.name().toLowerCase(), PasswordEncoderUtil + .getEncoder(PasswordEncoderAlgorithm.PBKDF2)); + encoders.put(PasswordEncoderAlgorithm.ARGON2.name().toLowerCase(), PasswordEncoderUtil + .getEncoder(PasswordEncoderAlgorithm.ARGON2)); + PasswordEncoderAlgorithm algorithm = passwordEncoderProperties.getAlgorithm(); + CheckUtils.throwIf(PasswordEncoderUtil.getEncoder(algorithm) == null, "不支持的加密算法: {}", algorithm); + return new DelegatingPasswordEncoder(algorithm.name().toLowerCase(), encoders); + } + @PostConstruct public void postConstruct() { EncryptHelper.init(properties); diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoProperties.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoProperties.java index 19b6f3f1..78ce2363 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoProperties.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoProperties.java @@ -17,6 +17,7 @@ package top.continew.starter.security.crypto.autoconfigure; import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.boot.context.properties.NestedConfigurationProperty; import top.continew.starter.core.constant.PropertiesConstants; import top.continew.starter.security.crypto.enums.Algorithm; @@ -55,6 +56,12 @@ public class CryptoProperties { */ private String privateKey; + /** + * 密码编码器配置 + */ + @NestedConfigurationProperty + private PasswordEncoderProperties passwordEncoder; + public boolean isEnabled() { return enabled; } @@ -94,4 +101,12 @@ public class CryptoProperties { public void setPrivateKey(String privateKey) { this.privateKey = privateKey; } + + public PasswordEncoderProperties getPasswordEncoder() { + return passwordEncoder; + } + + public void setPasswordEncoder(PasswordEncoderProperties passwordEncoder) { + this.passwordEncoder = passwordEncoder; + } } \ No newline at end of file diff --git a/continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/autoconfigure/PasswordEncoderProperties.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/PasswordEncoderProperties.java similarity index 79% rename from continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/autoconfigure/PasswordEncoderProperties.java rename to continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/PasswordEncoderProperties.java index 110d8521..4e4ff571 100644 --- a/continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/autoconfigure/PasswordEncoderProperties.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/PasswordEncoderProperties.java @@ -14,11 +14,9 @@ * limitations under the License. */ -package top.continew.starter.security.password.autoconfigure; +package top.continew.starter.security.crypto.autoconfigure; -import org.springframework.boot.context.properties.ConfigurationProperties; -import top.continew.starter.core.constant.PropertiesConstants; -import top.continew.starter.security.password.enums.PasswordEncoderAlgorithm; +import top.continew.starter.security.crypto.enums.PasswordEncoderAlgorithm; /** * 密码编解码配置属性 @@ -26,7 +24,6 @@ import top.continew.starter.security.password.enums.PasswordEncoderAlgorithm; * @author Jasmine * @since 1.3.0 */ -@ConfigurationProperties(PropertiesConstants.SECURITY_PASSWORD) public class PasswordEncoderProperties { /** diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PasswordEncoderEncryptor.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PasswordEncoderEncryptor.java index 3030a4af..ec243043 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PasswordEncoderEncryptor.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PasswordEncoderEncryptor.java @@ -19,7 +19,7 @@ package top.continew.starter.security.crypto.encryptor; import cn.hutool.extra.spring.SpringUtil; import org.springframework.security.crypto.password.PasswordEncoder; import top.continew.starter.security.crypto.autoconfigure.CryptoContext; -import top.continew.starter.security.password.autoconfigure.PasswordEncoderProperties; +import top.continew.starter.security.crypto.autoconfigure.PasswordEncoderProperties; /** * 密码编码器加/解密处理器 diff --git a/continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/enums/PasswordEncoderAlgorithm.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/PasswordEncoderAlgorithm.java similarity index 96% rename from continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/enums/PasswordEncoderAlgorithm.java rename to continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/PasswordEncoderAlgorithm.java index 60836fa3..1a156177 100644 --- a/continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/enums/PasswordEncoderAlgorithm.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/PasswordEncoderAlgorithm.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.password.enums; +package top.continew.starter.security.crypto.enums; import java.util.regex.Pattern; diff --git a/continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/exception/PasswordEncodeException.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/exception/PasswordEncodeException.java similarity index 95% rename from continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/exception/PasswordEncodeException.java rename to continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/exception/PasswordEncodeException.java index 94221cfa..71e1958a 100644 --- a/continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/exception/PasswordEncodeException.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/exception/PasswordEncodeException.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.password.exception; +package top.continew.starter.security.crypto.exception; import top.continew.starter.core.exception.BaseException; diff --git a/continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/util/PasswordEncoderUtil.java b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/PasswordEncoderUtil.java similarity index 95% rename from continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/util/PasswordEncoderUtil.java rename to continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/PasswordEncoderUtil.java index 1a86bfcb..a2cc387f 100644 --- a/continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/util/PasswordEncoderUtil.java +++ b/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/PasswordEncoderUtil.java @@ -14,15 +14,15 @@ * limitations under the License. */ -package top.continew.starter.security.password.util; +package top.continew.starter.security.crypto.util; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.argon2.Argon2PasswordEncoder; import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder; import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder; -import top.continew.starter.security.password.enums.PasswordEncoderAlgorithm; -import top.continew.starter.security.password.exception.PasswordEncodeException; +import top.continew.starter.security.crypto.enums.PasswordEncoderAlgorithm; +import top.continew.starter.security.crypto.exception.PasswordEncodeException; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; diff --git a/continew-starter-security/continew-starter-security-password/pom.xml b/continew-starter-security/continew-starter-security-password/pom.xml deleted file mode 100644 index a06c6d45..00000000 --- a/continew-starter-security/continew-starter-security-password/pom.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - 4.0.0 - - top.continew.starter - continew-starter-security - ${revision} - - - continew-starter-security-password - jar - - ${project.artifactId} - ContiNew Starter 安全模块 - 密码编码器 - - - - - org.springframework.security - spring-security-crypto - - - \ No newline at end of file diff --git a/continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/autoconfigure/PasswordEncoderAutoConfiguration.java b/continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/autoconfigure/PasswordEncoderAutoConfiguration.java deleted file mode 100644 index b0bc1a5f..00000000 --- a/continew-starter-security/continew-starter-security-password/src/main/java/top/continew/starter/security/password/autoconfigure/PasswordEncoderAutoConfiguration.java +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved. - *

- * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE 3.0; - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - *

- * http://www.gnu.org/licenses/lgpl.html - *

- * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package top.continew.starter.security.password.autoconfigure; - -import jakarta.annotation.PostConstruct; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.boot.autoconfigure.AutoConfiguration; -import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.boot.context.properties.EnableConfigurationProperties; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.PropertySource; -import org.springframework.security.crypto.factory.PasswordEncoderFactories; -import org.springframework.security.crypto.password.DelegatingPasswordEncoder; -import org.springframework.security.crypto.password.PasswordEncoder; -import top.continew.starter.core.constant.PropertiesConstants; -import top.continew.starter.core.util.GeneralPropertySourceFactory; -import top.continew.starter.core.util.validation.CheckUtils; -import top.continew.starter.security.password.enums.PasswordEncoderAlgorithm; -import top.continew.starter.security.password.util.PasswordEncoderUtil; - -import java.util.HashMap; -import java.util.Map; - -/** - * 密码编码器自动配置 - * - *

- * 密码配置类,默认编解码器使用的是 BCryptPasswordEncoder
- * 编码后的密码是遵循一定规则的 {idForEncode}encodePassword,前缀 {} 包含了编码的方式再拼接上该方式编码后的密码串。
- * 可以添加自定义的编解码,也可以修改默认的编解码器,只需修改默认的 encodingId。
- * 优点:如果有一天我们对密码编码规则进行替换或者轮转,现有的用户不会受到影响,只要修改 DelegatingPasswordEncoder 的 idForEncode 即可。 - *

- * - * @author Jasmine - * @author Charles7c - * @since 1.3.0 - */ -@AutoConfiguration -@EnableConfigurationProperties(PasswordEncoderProperties.class) -@PropertySource(value = "classpath:default-password.yml", factory = GeneralPropertySourceFactory.class) -@ConditionalOnProperty(prefix = PropertiesConstants.SECURITY_PASSWORD, name = PropertiesConstants.ENABLED, havingValue = "true", matchIfMissing = true) -public class PasswordEncoderAutoConfiguration { - - private static final Logger log = LoggerFactory.getLogger(PasswordEncoderAutoConfiguration.class); - - /** - * 密码编码器 - * - * @see DelegatingPasswordEncoder - * @see PasswordEncoderFactories - */ - @Bean - public PasswordEncoder passwordEncoder(PasswordEncoderProperties properties) { - Map encoders = new HashMap<>(); - encoders.put(PasswordEncoderAlgorithm.BCRYPT.name().toLowerCase(), PasswordEncoderUtil - .getEncoder(PasswordEncoderAlgorithm.BCRYPT)); - encoders.put(PasswordEncoderAlgorithm.SCRYPT.name().toLowerCase(), PasswordEncoderUtil - .getEncoder(PasswordEncoderAlgorithm.SCRYPT)); - encoders.put(PasswordEncoderAlgorithm.PBKDF2.name().toLowerCase(), PasswordEncoderUtil - .getEncoder(PasswordEncoderAlgorithm.PBKDF2)); - encoders.put(PasswordEncoderAlgorithm.ARGON2.name().toLowerCase(), PasswordEncoderUtil - .getEncoder(PasswordEncoderAlgorithm.ARGON2)); - PasswordEncoderAlgorithm algorithm = properties.getAlgorithm(); - CheckUtils.throwIf(PasswordEncoderUtil.getEncoder(algorithm) == null, "不支持的加密算法: {}", algorithm); - return new DelegatingPasswordEncoder(algorithm.name().toLowerCase(), encoders); - } - - @PostConstruct - public void postConstruct() { - log.debug("[ContiNew Starter] - Auto Configuration 'Security-PasswordEncoder' completed initialization."); - } -} diff --git a/continew-starter-security/continew-starter-security-password/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/continew-starter-security/continew-starter-security-password/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports deleted file mode 100644 index 2f8e9a6b..00000000 --- a/continew-starter-security/continew-starter-security-password/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports +++ /dev/null @@ -1 +0,0 @@ -top.continew.starter.security.password.autoconfigure.PasswordEncoderAutoConfiguration \ No newline at end of file diff --git a/continew-starter-security/continew-starter-security-password/src/main/resources/default-password.yml b/continew-starter-security/continew-starter-security-password/src/main/resources/default-password.yml deleted file mode 100644 index 5f0ca875..00000000 --- a/continew-starter-security/continew-starter-security-password/src/main/resources/default-password.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- ### 安全配置:密码编码器配置 -continew-starter.security: - password: - enabled: true - # 默认启用的编码器算法(默认:BCrypt 加密算法) - algorithm: BCRYPT \ No newline at end of file diff --git a/continew-starter-security/pom.xml b/continew-starter-security/pom.xml index af5789b8..c410bf3c 100644 --- a/continew-starter-security/pom.xml +++ b/continew-starter-security/pom.xml @@ -16,11 +16,10 @@ ContiNew Starter 安全模块 - continew-starter-security-password - continew-starter-security-mask continew-starter-security-crypto - continew-starter-security-sensitivewords + continew-starter-security-mask continew-starter-security-xss + continew-starter-security-sensitivewords