What is the correct way to configure a spring TextEncryptor for use on Heroku

Question

I have a spring TextEncryptor defined like this

Answer 1

So I think I've concluded Heroku just plain doesn't support 256 bit AEP which is what the stock TextEncoders in spring-security use.

Instead I've used the BasicTextEncryptor from the Java Simplified Encryption library as an alternative backend and implemented the TextEncryptor interface.

It's less secure but it works. It doesn't provide a salting mechanism, though I think there are provisions for that elsewhere in the library.

If anyone has any ideas how to get the stock encryptors working on heroku then that would still be preferable I think.