spring-jdbc文件数据库配置加密
2016-02-22 15:24
555 查看
一般spring容器启动时,通过PropertyPlaceholderConfigurer类读取jdbc.properties文件里的数据库配置信息。
通过这个原理,我们把加密后的数据库配置信息放到jdbc.properties文件里,然后自定义一个继承PropertyPlaceholderConfigurer的类,实现解密,把解密后的信息又放回去。最后在配置DataSource时,还是用占位符${}取配置信息。
jdbc.properties文件内容:
Properties代码
jdbc.driverClassName = 4A490AA9B8CD7DBD61E70367C868F950541890F991000CD76A707177A0A507B9
jdbc.url = FA0DD23D31BCF4C6058626849C4611455A74B444893626DE9CF7D1E05F15586C54C098BFA29BC54A
jdbc.username = 5DE376A122083A8945FF13A1D5AFD452
jdbc.password = 5DE376A122083A8945FF13A1D5AFD452
自定义的取加密信息的类EncryptablePropertyPlaceholderConfigurer
Java代码
public class EncryptablePropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {
private static final String key = "0002000200020002";
protected void processProperties(ConfigurableListableBeanFactory beanFactory, Properties props)
throws BeansException {
try {
Des des = new Des();
String username = props.getProperty("jdbc.username");
if (username != null) {
props.setProperty("jdbc.username", des.Decrypt(username, des.hex2byte(key)));
}
String password = props.getProperty("jdbc.password");
if (password != null) {
props.setProperty("jdbc.password", des.Decrypt(password, des.hex2byte(key)));
}
String url = props.getProperty("jdbc.url");
if (url != null) {
props.setProperty("jdbc.url", des.Decrypt(url, des.hex2byte(key)));
}
String driverClassName = props.getProperty("jdbc.driverClassName");
if(driverClassName != null){
props.setProperty("jdbc.driverClassName", des.Decrypt(driverClassName, des.hex2byte(key)));
}
super.processProperties(beanFactory, props);
} catch (Exception e) {
e.printStackTrace();
throw new BeanInitializationException(e.getMessage());
}
}
Des.java是一个用Des算法加密和解密的工具类
Java代码
//加密
public static String Encrypt(String str, byte[] key){
Security.addProvider(new com.sun.crypto.provider.SunJCE());
byte[] encrypt = encryptMode(key, str.getBytes());
return byte2hex(encrypt);
}
//解密
public static String Decrypt(String str, byte[] key){
Security.addProvider(new com.sun.crypto.provider.SunJCE());
byte[] decrypt = decryptMode(key, hex2byte(str));
return new String(decrypt);
}
spring配置:
Xml代码
<bean id="propertyConfigurer"
class="com.eeds.core.security.datasource.EncryptablePropertyPlaceholderConfigurer">
<property name="locations">
<list>
<value>classpath:config/spring/jdbc-test.properties</value>
</list>
</property>
</bean>
Xml代码
<!-- 测试环境 -->
<bean id="econsoleDS" class="com.mchange.v2.c3p0.ComboPooledDataSource"
destroy-method="close">
<property name="driverClass">
<value>${jdbc.driverClassName}</value>
</property>
<property name="jdbcUrl">
<value>${jdbc.url}</value>
</property>
<property name="user">
<value>${jdbc.username}</value>
</property>
<property name="password">
<value>${jdbc.password}</value>
</property>
</bean>
通过这个原理,我们把加密后的数据库配置信息放到jdbc.properties文件里,然后自定义一个继承PropertyPlaceholderConfigurer的类,实现解密,把解密后的信息又放回去。最后在配置DataSource时,还是用占位符${}取配置信息。
jdbc.properties文件内容:
Properties代码
jdbc.driverClassName = 4A490AA9B8CD7DBD61E70367C868F950541890F991000CD76A707177A0A507B9
jdbc.url = FA0DD23D31BCF4C6058626849C4611455A74B444893626DE9CF7D1E05F15586C54C098BFA29BC54A
jdbc.username = 5DE376A122083A8945FF13A1D5AFD452
jdbc.password = 5DE376A122083A8945FF13A1D5AFD452
自定义的取加密信息的类EncryptablePropertyPlaceholderConfigurer
Java代码
public class EncryptablePropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {
private static final String key = "0002000200020002";
protected void processProperties(ConfigurableListableBeanFactory beanFactory, Properties props)
throws BeansException {
try {
Des des = new Des();
String username = props.getProperty("jdbc.username");
if (username != null) {
props.setProperty("jdbc.username", des.Decrypt(username, des.hex2byte(key)));
}
String password = props.getProperty("jdbc.password");
if (password != null) {
props.setProperty("jdbc.password", des.Decrypt(password, des.hex2byte(key)));
}
String url = props.getProperty("jdbc.url");
if (url != null) {
props.setProperty("jdbc.url", des.Decrypt(url, des.hex2byte(key)));
}
String driverClassName = props.getProperty("jdbc.driverClassName");
if(driverClassName != null){
props.setProperty("jdbc.driverClassName", des.Decrypt(driverClassName, des.hex2byte(key)));
}
super.processProperties(beanFactory, props);
} catch (Exception e) {
e.printStackTrace();
throw new BeanInitializationException(e.getMessage());
}
}
Des.java是一个用Des算法加密和解密的工具类
Java代码
//加密
public static String Encrypt(String str, byte[] key){
Security.addProvider(new com.sun.crypto.provider.SunJCE());
byte[] encrypt = encryptMode(key, str.getBytes());
return byte2hex(encrypt);
}
//解密
public static String Decrypt(String str, byte[] key){
Security.addProvider(new com.sun.crypto.provider.SunJCE());
byte[] decrypt = decryptMode(key, hex2byte(str));
return new String(decrypt);
}
spring配置:
Xml代码
<bean id="propertyConfigurer"
class="com.eeds.core.security.datasource.EncryptablePropertyPlaceholderConfigurer">
<property name="locations">
<list>
<value>classpath:config/spring/jdbc-test.properties</value>
</list>
</property>
</bean>
Xml代码
<!-- 测试环境 -->
<bean id="econsoleDS" class="com.mchange.v2.c3p0.ComboPooledDataSource"
destroy-method="close">
<property name="driverClass">
<value>${jdbc.driverClassName}</value>
</property>
<property name="jdbcUrl">
<value>${jdbc.url}</value>
</property>
<property name="user">
<value>${jdbc.username}</value>
</property>
<property name="password">
<value>${jdbc.password}</value>
</property>
</bean>
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- Hadoop 2.2.0编译hadoop-eclipse-plugin插件
- java-二维码编写zxing
- java 关于stack 的语法解析
- 【Java】换底公式
- java在方法中的匿名内部类
- 关于java.lang.IllegalMonitorStateException
- java继承小实例
- Java 回顾笔记5(下午)
- 三:java中传统线程互斥
- 保持顺序的 Java Properties 类
- 学习 Spring-Cloud - 写一个微服务
- Java读取Properties文件的六种方法
- java多线程—Thread.Join()和Thread.Sleep()
- Java Web应用中调优线程池的重要性
- Spring策略模式
- java中判断字符串是否为数字的方法的几种方法
- Java [Leetcode 165]Compare Version Numbers
- Spring注解
- java问题定位常用命令
- struts笔记