Spring数据源及配置文件数据加密实现过程详解

2023-07-25 13:48:14 75

ThefollowingexampleshowsthecorrespondingXMLconfiguration:

Spring在第三方依赖包中包含了两个数据源的实现类包,其一是:Apache的DBCP;其二是C3P0,可以在Spring配置文件中利用二者的任何一个配置数据源.

ThenexttwoexamplesshowthebasicconnectivityandconfigurationforDBCPandC3P0.Tolearnaboutmoreoptionsthathelpcontrolthepoolingfeatures,seetheproductdocumentationfortherespectiveconnectionpoolingimplementations.

ThefollowingexampleshowsDBCPconfiguration:

ThefollowingexampleshowsC3P0configuration:

在jdbc.properties文件中定义属性的值,如下:

jdbc.driverClassName=com.mysql.jdbc.Driver

jdbc.url=jdbc:mysql://localhost:3309/sampledb

jdbc.username=root

jdbc.password=123456

但是这些属性是以明文形式存放,那么任何拥有服务器登录权限的人都可以查看这些机密信息,容易造成数据库访问权限的泄露.

这就要求对应用程序配置文件对某些属性进行加密,让Spring容器在读取属性文件后,在内存中对属性进行解密,然后再将解密后的属性赋给目标对象.

这里提供一个加密解密工具(DES对称加密解密)代码:

packagecom.springboot.utils;

importjava.security.Key;
importjava.security.SecureRandom;
importjava.util.Base64;
importjava.util.Base64.Decoder;
importjava.util.Base64.Encoder;

importjavax.crypto.Cipher;
importjavax.crypto.KeyGenerator;


publicclassDESUtils{
//指定DES加密解密所用的密钥
privatestaticKeykey;
privatestaticStringKEY_STR="myKey";

static{
try{
KeyGeneratorgenerator=KeyGenerator.getInstance("DES");
generator.init(newSecureRandom(KEY_STR.getBytes()));
key=generator.generateKey();
generator=null;
}catch(Exceptione){
thrownewRuntimeException(e);
}
}

publicstaticStringgetEncryptString(Stringstr){
Encoderencoder=Base64.getEncoder();
try{
byte[]strBytes=str.getBytes("UTF8");
Ciphercipher=Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE,key);
byte[]encryptStrBytes=cipher.doFinal(strBytes);
returnencoder.encodeToString(encryptStrBytes);
}catch(Exceptione){
thrownewRuntimeException(e);
}
}

publicstaticStringgetDecryptString(Stringstr){
Decoderdecoder=Base64.getDecoder();
try{
byte[]strBytes=decoder.decode(str);
Ciphercipher=Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE,key);
byte[]decryptStrBytes=cipher.doFinal(strBytes);
returnnewString(decryptStrBytes,"UTF8");
}catch(Exceptione){
thrownewRuntimeException(e);
}
}

publicstaticvoidmain(String[]args)throwsException{
if(args==null||args.length<1){
System.out.println("请输入要加密的字符,用空格分隔.");
}else{
for(Stringarg:args){
System.out.println(arg+":"+getEncryptString(arg));
}
}
}
}

针对配置文件中加密信息的解密

packagecom.springboot.utils;

importorg.springframework.context.support.PropertySourcesPlaceholderConfigurer;

publicclassEncryptPropertyPlaceholderConfigurerextendsPropertySourcesPlaceholderConfigurer{
privateString[]encryptPropNames={"userName","password"};

privatebooleanisEncryptProp(StringpropertyName){
for(StringencryptProName:encryptPropNames){
if(encryptProName.equals(propertyName)){
returntrue;
}
}
returnfalse;
}
@Override
protectedStringconvertProperty(StringpropertyName,StringpropertyValue){
if(isEncryptProp(propertyName)){
StringdecryptVal=DESUtils.getDecryptString(propertyValue);
System.out.println("decryptVal="+decryptVal);
returndecryptVal;
}else{
returnpropertyValue;
}
}
}

xml配置文件内容

通过在控制台运行我们的加密代码获取加密后的密文

yusuwudeMacBook-Pro:classesyusuwu$javacom.springboot.utils.DESUtilsroot123

获取密文:

root:jxlNoW/DjKw=

123:RbtzyNE4tjY=

在application.properties中配置

driverClassName=com.mysql.jdbc.Driver
url=jdbc:mysql://localhost:3306/springboot
userName=jxlNoW/DjKw=
password=RbtzyNE4tjY=

以上就是本文的全部内容，希望对大家的学习有所帮助，也希望大家多多支持毛票票。

Spring数据源及配置文件数据加密实现过程详解

热门推荐

随机推荐