about 5 years ago
在spring內設定資料庫參數時只能放明碼,這在很多時候是不被允許的,所以要改成加密方式儲存在設定檔
原始設定如下
<bean id="dataSource" class="com.alibaba.druid.pool.DruidDataSource" destroy-method="close">
<property name="driverClassName" value="com.mysql.jdbc.Driver" />
<property name="url" value="jdbc:mysql://192.168.0.1:3306/database?useUnicode=true&characterEncoding=UTF-8" />
<property name="username" value="root" />
<property name="password" value="123456" />
</bean>
這個時候可以透過繼承spring提供的PropertyPlaceholderConfigurer來自訂讀取參數的方式
1.先在你要放設定檔的地方建立檔案 例如\WEB-INF\conf\jdbc.properties,並將你的參數加密後設置好
jdbc.driverClassName = 5d79e893feee923d2ff3462b78eeee8006f93d5eecbd37edc0d200c0e2413d
jdbc.url = e5cb807f1527a725e1d82d71492c25f88
jdbc.username = 3d160a3c947913282923d2ff3462b78
jdbc.password = ffe1a3923d2ff3462b78f1dab58ab8df1
2.建立你讀取properties的程式
import java.util.Properties;
import org.apache.log4j.Logger;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.BeanInitializationException;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
import com.payment.common.AESCoder;
public class EncryptablePropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {
private static Logger log = Logger.getLogger("all");
protected void processProperties(ConfigurableListableBeanFactory beanFactory, Properties props) throws BeansException {
AESCoder aescoder = null;
try {
aescoder = new AESCoder();
aescoder.setSecretKeySpec("1234567890123456");
aescoder.setIvParameterSpec("1234567890123456");
String driverClassName = props.getProperty("jdbc.driverClassName");
if(driverClassName != null){
props.setProperty("jdbc.driverClassName", aescoder.decryptByHexstr(driverClassName));
}
String url = props.getProperty("jdbc.url");
if (url != null) {
props.setProperty("jdbc.url", aescoder.decryptByHexstr(url));
}
String username = props.getProperty("jdbc.username");
if (username != null) {
props.setProperty("jdbc.username", aescoder.decryptByHexstr(username));
}
String password = props.getProperty("jdbc.password");
if (password != null) {
props.setProperty("jdbc.password", aescoder.decryptByHexstr(password));
}
super.processProperties(beanFactory, props);
} catch (Exception e) {
log.error("", e);
throw new BeanInitializationException(e.getMessage());
}
}
}
3.在spring設定檔中設置這個讀取器跟變更你的資料庫參數
<bean id="propertyConfigurer" class="com.payment.system.EncryptablePropertyPlaceholderConfigurer">
<property name="locations">
<list>
<!-- 如果你是放在class資料夾底下用此設定 -->
<!--<value>classpath:conf/jdbc.properties</value>-->
<!-- WEB-INF資料夾用此設定 -->
<value>/WEB-INF/conf/jdbc.properties</value>
</list>
</property>
</bean>
<bean id="dataSource" class="com.alibaba.druid.pool.DruidDataSource" destroy-method="close">
<property name="driverClassName" value="${jdbc.driverClassName}" />
<property name="url" value="${jdbc.url}" />
<property name="username" value="${jdbc.username}" />
<property name="password" value="${jdbc.password}" />
</bean>
4.接下來再製作給系統工程師的加密工具就大功告成,收工
