Spring数据源及配置文件数据加密实现过程详解
ThefollowingexampleshowsthecorrespondingXMLconfiguration:
Spring在第三方依赖包中包含了两个数据源的实现类包,其一是:Apache的DBCP;其二是C3P0,可以在Spring配置文件中利用二者的任何一个配置数据源.
ThenexttwoexamplesshowthebasicconnectivityandconfigurationforDBCPandC3P0.Tolearnaboutmoreoptionsthathelpcontrolthepoolingfeatures,seetheproductdocumentationfortherespectiveconnectionpoolingimplementations.
ThefollowingexampleshowsDBCPconfiguration:
ThefollowingexampleshowsC3P0configuration:
在jdbc.properties文件中定义属性的值,如下:
jdbc.driverClassName=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://localhost:3309/sampledb
jdbc.username=root
jdbc.password=123456
但是这些属性是以明文形式存放,那么任何拥有服务器登录权限的人都可以查看这些机密信息,容易造成数据库访问权限的泄露.
这就要求对应用程序配置文件对某些属性进行加密,让Spring容器在读取属性文件后,在内存中对属性进行解密,然后再将解密后的属性赋给目标对象.
这里提供一个加密解密工具(DES对称加密解密)代码:
packagecom.springboot.utils; importjava.security.Key; importjava.security.SecureRandom; importjava.util.Base64; importjava.util.Base64.Decoder; importjava.util.Base64.Encoder; importjavax.crypto.Cipher; importjavax.crypto.KeyGenerator; publicclassDESUtils{ //指定DES加密解密所用的密钥 privatestaticKeykey; privatestaticStringKEY_STR="myKey"; static{ try{ KeyGeneratorgenerator=KeyGenerator.getInstance("DES"); generator.init(newSecureRandom(KEY_STR.getBytes())); key=generator.generateKey(); generator=null; }catch(Exceptione){ thrownewRuntimeException(e); } } publicstaticStringgetEncryptString(Stringstr){ Encoderencoder=Base64.getEncoder(); try{ byte[]strBytes=str.getBytes("UTF8"); Ciphercipher=Cipher.getInstance("DES"); cipher.init(Cipher.ENCRYPT_MODE,key); byte[]encryptStrBytes=cipher.doFinal(strBytes); returnencoder.encodeToString(encryptStrBytes); }catch(Exceptione){ thrownewRuntimeException(e); } } publicstaticStringgetDecryptString(Stringstr){ Decoderdecoder=Base64.getDecoder(); try{ byte[]strBytes=decoder.decode(str); Ciphercipher=Cipher.getInstance("DES"); cipher.init(Cipher.DECRYPT_MODE,key); byte[]decryptStrBytes=cipher.doFinal(strBytes); returnnewString(decryptStrBytes,"UTF8"); }catch(Exceptione){ thrownewRuntimeException(e); } } publicstaticvoidmain(String[]args)throwsException{ if(args==null||args.length<1){ System.out.println("请输入要加密的字符,用空格分隔."); }else{ for(Stringarg:args){ System.out.println(arg+":"+getEncryptString(arg)); } } } }
针对配置文件中加密信息的解密
packagecom.springboot.utils; importorg.springframework.context.support.PropertySourcesPlaceholderConfigurer; publicclassEncryptPropertyPlaceholderConfigurerextendsPropertySourcesPlaceholderConfigurer{ privateString[]encryptPropNames={"userName","password"}; privatebooleanisEncryptProp(StringpropertyName){ for(StringencryptProName:encryptPropNames){ if(encryptProName.equals(propertyName)){ returntrue; } } returnfalse; } @Override protectedStringconvertProperty(StringpropertyName,StringpropertyValue){ if(isEncryptProp(propertyName)){ StringdecryptVal=DESUtils.getDecryptString(propertyValue); System.out.println("decryptVal="+decryptVal); returndecryptVal; }else{ returnpropertyValue; } } }
xml配置文件内容
通过在控制台运行我们的加密代码获取加密后的密文
yusuwudeMacBook-Pro:classesyusuwu$javacom.springboot.utils.DESUtilsroot123
获取密文:
root:jxlNoW/DjKw=
123:RbtzyNE4tjY=
在application.properties中配置
driverClassName=com.mysql.jdbc.Driver
url=jdbc:mysql://localhost:3306/springboot
userName=jxlNoW/DjKw=
password=RbtzyNE4tjY=
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持毛票票。