about 4 years ago

在spring內設定資料庫參數時只能放明碼,這在很多時候是不被允許的,所以要改成加密方式儲存在設定檔

原始設定如下

spring-servlet.xml
<bean id="dataSource" class="com.alibaba.druid.pool.DruidDataSource" destroy-method="close">
        <property name="driverClassName" value="com.mysql.jdbc.Driver" />
        <property name="url" value="jdbc:mysql://192.168.0.1:3306/database?useUnicode=true&amp;characterEncoding=UTF-8" />
        <property name="username" value="root" />
        <property name="password" value="123456" />
    </bean>

這個時候可以透過繼承spring提供的PropertyPlaceholderConfigurer來自訂讀取參數的方式
1.先在你要放設定檔的地方建立檔案 例如\WEB-INF\conf\jdbc.properties,並將你的參數加密後設置好

jdbc.properties
jdbc.driverClassName = 5d79e893feee923d2ff3462b78eeee8006f93d5eecbd37edc0d200c0e2413d

jdbc.url = e5cb807f1527a725e1d82d71492c25f88

jdbc.username = 3d160a3c947913282923d2ff3462b78

jdbc.password = ffe1a3923d2ff3462b78f1dab58ab8df1

2.建立你讀取properties的程式

EncryptablePropertyPlaceholderConfigurer.java
import java.util.Properties;

import org.apache.log4j.Logger;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.BeanInitializationException;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;

import com.payment.common.AESCoder;

public class EncryptablePropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {
    private static Logger log = Logger.getLogger("all");

    protected void processProperties(ConfigurableListableBeanFactory beanFactory, Properties props) throws BeansException {
        AESCoder aescoder = null;
        try {
            aescoder = new AESCoder();
            aescoder.setSecretKeySpec("1234567890123456");
            aescoder.setIvParameterSpec("1234567890123456");
            String driverClassName = props.getProperty("jdbc.driverClassName");
            if(driverClassName != null){
                props.setProperty("jdbc.driverClassName", aescoder.decryptByHexstr(driverClassName));
            }
            
            String url = props.getProperty("jdbc.url");
            if (url != null) {
                props.setProperty("jdbc.url", aescoder.decryptByHexstr(url));
            }
            
            String username = props.getProperty("jdbc.username");
            if (username != null) {
                props.setProperty("jdbc.username", aescoder.decryptByHexstr(username));
            }

            String password = props.getProperty("jdbc.password");
            if (password != null) {
                props.setProperty("jdbc.password", aescoder.decryptByHexstr(password));
            }
            
            super.processProperties(beanFactory, props);
        } catch (Exception e) {
            log.error("", e);
            throw new BeanInitializationException(e.getMessage());
        }
    }
}

3.在spring設定檔中設置這個讀取器跟變更你的資料庫參數

spring-servlet.xml
 <bean id="propertyConfigurer" class="com.payment.system.EncryptablePropertyPlaceholderConfigurer">
    <property name="locations">  
        <list>
            <!-- 如果你是放在class資料夾底下用此設定 -->
            <!--<value>classpath:conf/jdbc.properties</value>-->
            <!-- WEB-INF資料夾用此設定 -->
            <value>/WEB-INF/conf/jdbc.properties</value>  
        </list>
    </property>  
</bean>

<bean id="dataSource" class="com.alibaba.druid.pool.DruidDataSource" destroy-method="close">
    <property name="driverClassName" value="${jdbc.driverClassName}" />
    <property name="url" value="${jdbc.url}" />
    <property name="username" value="${jdbc.username}" />
    <property name="password" value="${jdbc.password}" />
</bean>

4.接下來再製作給系統工程師的加密工具就大功告成,收工

← 除錯小筆記 自訂json欄位過濾器 →
 
comments powered by Disqus