spring*.xml配置文件明文加密

spring*.xml配置文件明文加密

说明：客户要求spring.xml中Oracle/Redis/MongoDB的IP、端口、用户名、密码不能明文存放，接到需求的我，很无奈，但是还是的硬着头皮搞*

系统架构：spring+mvc（Oracle是用jdbc自己封装的接口）

1.数据库配置文件加密

原xml配置

<?xml version="1.0" encoding="utf-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:aop="http://www.springframework.org/schema/aop"
	xmlns:tx="http://www.springframework.org/schema/tx"
	xmlns:context="http://www.springframework.org/schema/context"
	xsi:schemaLocation="
		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
		http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"
		default-autowire="byType">
    
<context:component-scan base-package="cn.geoff" use-default-filters="false">
		<context:include-filter type="annotation" expression="org.springframework.stereotype.Service"/>
	</context:component-scan>

	<!-- Database Connection Pool -->
	<bean id="dataSource" class="com.alibaba.druid.pool.DruidDataSource" init-method="init" destroy-method="close">
		<property name="url" value="jdbc:oracle:thin:@192.168.100.100:1521:orcl"/>
		<property name="username" value="Geoff"/>
		<property name="password" value="123456"/>
		<property name="validationQuery" value="select 'x' from dual"/>

		.....
	</bean>

	<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
		<property name="dataSource" ref="dataSource"/>
	</bean>
    
    </beans>

加密实现过程

思路：继承DruidDataSource，在初始化set值的时候进行解密

/**
 * 数据库连接解密
 * @author: Geoff
 * @create: 2020-12-30 16:46
 **/
public class DataBaseXml extends DruidDataSource {
   


    /**
     * Log4j logger
     */
    private final static Logger lg = LoggerFactory.getLogger(DataBaseXml.class);

    @Override
    public String getUrl() {
   
        return this.jdbcUrl;
    }

    @Override
    public void setUrl(String jdbcUrl) {
   
        if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
   
            lg.info("数据库【jdbcUrl】解密初始化加载...");
            try {
   
                jdbcUrl = Encryption.decrypt(jdbcUrl, GEOFF.DATA_BASE_ENCRYPTION_KEY);
            } catch (Exception e) {
   
                lg.error("数据库【jdbcUrl】密文解密失败...");
                e.printStackTrace();
            }
        }
        this.jdbcUrl = jdbcUrl;
    }

    @Override
    public String getUsername() {
   
        return this.username;
    }

    @Override
    public void setUsername(String username) {
   
        if(GEOFF.DATA_BASE_IS_ENCRYPTION) {
   
            lg.info("数据库【username】解密初始化加载...");
            try {
   
                username = Encryption.decrypt(username, GEOFF.DATA_BASE_ENCRYPTION_KEY);
            } catch (Exception e) {
   
                lg.error("数据库【username】密文解密失败...");
                e.printStackTrace();
            }
        }
        this.username = username;
    }

    @Override
    public String getPassword() {
   
        return this.password;
    }

    @Override
    public void setPassword(String password) {
   
        if(GEOFF.DATA_BASE_IS_ENCRYPTION){
   
            lg.info("数据库【password】解密初始化加载...");
            try {
   
                password = Encryption.decrypt(password, GEOFF.DATA_BASE_ENCRYPTION_KEY);
            } catch (Exception e) {
   
                lg.error("数据库【password】密文解密失败...");
                e.printStackTrace();
            }
        }
        this.password = password;
    }



}

修改后配置文件

<?xml version="1.0" encoding="utf-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:aop="http://www.springframework.org/schema/aop"
	xmlns:tx="http://www.springframework.org/schema/tx"
	xmlns:context="http://www.springframework.org/schema/context"
	xsi:schemaLocation="
		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
		http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"
		default-autowire="byType">
    
<context:component-scan base-package="cn.GEOFF" use-default-filters="false">
		<context:include-filter type="annotation" expression="org.springframework.stereotype.Service"/>
	</context:component-scan>

	<bean id="dataSource" class="cn.GEOFF.framework.core.DataBaseXml" init-method="init" destroy-method="close">
		<property name="url" value="4lZ4l804zIDqOJ5Wt3VNVLZvSLSDqCuQwhg5cAbQ1VG/vx+x+pEJQ6VJmLPO+PKK"/>
		<property name="username" value="PFEz8V4uvb06KhQxCLvLNA=="/>
		<property name="password" value="mMckYd6C5fo="/>
		<property name="validationQuery" value="select 'x' from dual"/>

	
		.....
	</bean>

	<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
		<property name="dataSource" ref="dataSource"/>
	</bean>
    
    </beans>

2.Redis配置文件加密

原配