最近做一个项目,安全上有点要求,就是要对数据库相关的配置进行加密,配置文件如下:
#加密前
#datasource.type=mysql
#datasource.driverClassName=com.mysql.jdbc.Driver
#datasource.url=jdbc:mysql://localhost:3306/yjj?useUnicode=true&characterEncoding=utf8
#datasource.username=root
#datasource.password=root
#加密后
datasource.type=2DF0ADA00FAA99D2
datasource.driverClassName=DFB084E48D901F55B4765B6B6DEEEA685621CEAB85E65590
datasource.url=CD1E7D3A7DEED845CC284EB8AB50F88E171BEAD6E699A4B2E87A3F36434640EA07523DB201ACF884EF00CBBAD67FB52A04960D6C3E91E3EABF370CE3E6FACD06915D92108869CBB9
datasource.username=63AEB7FA5F01BC70
datasource.password=63AEB7FA5F01BC70
<!-- 对JDBC配置进行解密 -->
<bean id="propertyConfigurer" class="xxx.security.EncryptablePropertyPlaceholderConfigurer">
<property name="locations">
<list>
<value>classpath:conf/jdbc.properties</value>
<value>classpath:conf/memcache.properties</value>
</list>
</property>
</bean> <bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"
destroy-method="close" >
<property name="driverClass">
<value>${datasource.driverClassName}</value>
</property> <property name="jdbcUrl">
<value>${datasource.url}</value>
</property>
<property name="user">
<value>${datasource.username}</value>
</property>
<property name="password">
<value>${datasource.password}</value>
</property> <property name="minPoolSize">
<value>${datasource.c3p0.minPoolSize}</value>
</property> <property name="maxPoolSize">
<value>${datasource.c3p0.maxPoolSize}</value>
</property> <property name="maxIdleTime">
<value>${datasource.c3p0.maxIdleTime}</value>
</property> <property name="acquireIncrement">
<value>${datasource.c3p0.acquireIncrement}</value>
</property>
<property name="maxStatements">
<value>${datasource.c3p0.maxStatements}</value>
</property>
<property name="initialPoolSize">
<value>${datasource.c3p0.initialPoolSize}</value>
</property> <property name="idleConnectionTestPeriod">
<value>${datasource.c3p0.idleConnectionTestPeriod}</value>
</property> <property name="numHelperThreads">
<value>${datasource.c3p0.numHelperThreads}</value>
</property> <property name="acquireRetryAttempts">
<value>${datasource.c3p0.acquireRetryAttempts}</value>
</property> <property name="breakAfterAcquireFailure">
<value>${datasource.c3p0.breakAfterAcquireFailure}</value>
</property>
<property name="testConnectionOnCheckout">
<value>${datasource.c3p0.testConnectionOnCheckout}</value>
</property>
</bean>
JAVA加密,解密类如下:
import java.util.Properties; import org.springframework.beans.BeansException;
import org.springframework.beans.factory.BeanInitializationException;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer; import cn.com.dbappsecurity.common.utils.DesEncrypt;
import cn.com.dbappsecurity.common.utils.MyWebConstant; public class EncryptablePropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {
private static final String key = MyWebConstant.JDBC_DESC_KEY; protected void processProperties(ConfigurableListableBeanFactory beanFactory, Properties props)
throws BeansException {
try {
// DesEncrypt des = new DesEncrypt();
String username = props.getProperty(MyWebConstant.JDBC_DATASOURCE_USERNAME_KEY);
if (username != null) {
props.setProperty(MyWebConstant.JDBC_DATASOURCE_USERNAME_KEY, DesEncrypt.Decrypt(username, DesEncrypt.hex2byte(key)));
} String password = props.getProperty(MyWebConstant.JDBC_DATASOURCE_PASSWORD_KEY);
if (password != null) {
props.setProperty(MyWebConstant.JDBC_DATASOURCE_PASSWORD_KEY, DesEncrypt.Decrypt(password, DesEncrypt.hex2byte(key)));
} String url = props.getProperty(MyWebConstant.JDBC_DATASOURCE_URL_KEY);
if (url != null) {
props.setProperty(MyWebConstant.JDBC_DATASOURCE_URL_KEY, DesEncrypt.Decrypt(url, DesEncrypt.hex2byte(key)));
} String driverClassName = props.getProperty(MyWebConstant.JDBC_DATASOURCE_DRIVERCLASSNAME_KEY);
if(driverClassName != null){
props.setProperty(MyWebConstant.JDBC_DATASOURCE_DRIVERCLASSNAME_KEY, DesEncrypt.Decrypt(driverClassName, DesEncrypt.hex2byte(key)));
}
String dbtype = props.getProperty(MyWebConstant.JDBC_DATASOURCE_TYPE_KEY);
if(dbtype != null){
props.setProperty(MyWebConstant.JDBC_DATASOURCE_TYPE_KEY, DesEncrypt.Decrypt(dbtype, DesEncrypt.hex2byte(key)));
}
super.processProperties(beanFactory, props);
} catch (Exception e) {
e.printStackTrace();
throw new BeanInitializationException(e.getMessage());
}
}
}
/******************************JDBC相关BEGIN***************************************/
public static final String JDBC_DESC_KEY = "0001000200030004"; /**数据库类型**/
public static final String JDBC_DATASOURCE_TYPE_KEY = "datasource.type"; public static final String JDBC_DATASOURCE_DRIVERCLASSNAME_KEY = "datasource.driverClassName"; public static final String JDBC_DATASOURCE_URL_KEY = "datasource.url"; public static final String JDBC_DATASOURCE_USERNAME_KEY = "datasource.username"; public static final String JDBC_DATASOURCE_PASSWORD_KEY = "datasource.password"; /******************************JDBC相关END***************************************/