Spring读取加密属性文件处理

Spring读取加密属性文件处理

 

引言：Spring框架俨然已经是目前Java WEB项目开发的一个宠儿，更有人将Spring, Struts,和Hibernage称之为Java WEB项目开发的3件利器。Spring的依赖、注入、AOP及和其它框架的很好集成（如：hibername、ibatis、struts等）确实给web项目开发带来了诸多便利性，但是任何一种框架都不能完全满足个性化需求开发，spring亦是如此。现有一个项目是基于spring、struts和ibtatis的，其中数据库连接池使用的是proxool，领导要求将proxool连接池配置文件进行加密，这里有2种解决方法：

1）    扩展ProxoolDataSource，重写getNewConnection方法，对其置相关数据库配置属性时进行解密处理；

2）    扩展Spring读取属性文件文件的类PropertyPlaceholderConfigurer

 

1、  扩展ProxoolDataSource

package *.*;   import java.io.InputStream; import java.sql.Connection; import java.sql.SQLException; import java.util.Properties;   import org.logicalcobwebs.proxool.ProxoolDataSource;   public class ProxoolDataSourceEX extends ProxoolDataSource {          private Logger errorLog = CommonLogger.getErrorLog(ProxoolDataSourceEX.class);          private static Properties proxoolProperties = null;          private static ProxoolDataSource dataSource = null;          //          public synchronized Connection getConnection() {                    try {                             if (dataSource != null)                                      return super.getConnection();                             else                                      return getNewConnection();                   } catch (SQLException e) { //                          errorLog.error("…….", e);                    }                    return null;          }                   private synchronized Connection getNewConnection() {                    if(proxoolProperties==null){                             InputStream is = Thread.currentThread().getContextClassLoader().                                      getResourceAsStream("proxool.properties");                             proxoolProperties = new Properties();                             try{                                      proxoolProperties.load(is);                             }catch(Exception e){                                      e.printStackTrace();                             }                    }                 //属性值的解密（调用相应解密算法，解密）         //解密后的属性值置入                    this.setDriver(driver);                    this.setDriverUrl(url);                    …               try {                      return super.getConnection();               } catch (SQLException e) {                      errorLog.error("…", e);                    }                    return null;          } }

 

2、  扩展Spring读取属性文件文件的类PropertyPlaceholderConfigurer

1）    spring datasource配置

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> <beans>      <!-- ======================================================================== -->      <!--  DataSource定义。                                                        -->      <!-- ======================================================================== -->      <bean id="DBConfigurer"      class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">          <property name="locations">               <list>                    <value>classpath:proxool.properties</value>               </list>          </property>      </bean>        <bean id="dataSource"          class="org.logicalcobwebs.proxool.ProxoolDataSource">          <property name="driver">               <value>${dev_proxool_driver_class}</value>          </property>          <property name="driverUrl">               <value>${dev_proxool_driver_url}</value>          </property>          <property name="user">               <value>${dev_proxool_user}</value>          </property>          <property name="password">               <value>${dev_proxool_password}</value>          </property>          <property name="alias">               <value>${dev_proxool_alias}</value>          </property>          …      </bean>      … </beans>

 

2）    扩展PropertyPlaceholderConfigurer，对其方法resolvePlaceholder进行重写。

package *.*;   import java.util.Properties;   import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;   public class PropertyPlaceholderConfigurerEX extends PropertyPlaceholderConfigurer{      private boolean secutiry = false;      private Log logger = LogFactory.getLog(PropertyPlaceholderConfigurerEX.class);      //      protected String resolvePlaceholder(String placeholder, Properties props) {          String placeholderValue = props.getProperty(placeholder);          if(this.secutiry){               placeholderValue = deEncrypt(placeholderValue);          }          return placeholderValue;      }      //      public boolean isSecutiry() {          return secutiry;      }      public void setSecutiry(boolean secutiry) {          this.secutiry = secutiry;      }           private String deEncrypt(String miwen){           return 解密后的字串;      } }

3）    修改上述的datasource配置

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> <beans>      <!-- ======================================================================== -->      <!--  DataSource定义。                                                        -->      <!-- ======================================================================== -->      <bean id="DBConfigurer"      class="*.*.PropertyPlaceholderConfigurerEX">          <property name="locations">               <list>                    <value>classpath:proxool.properties</value>               </list>          </property>          <!—security为false，则对属性文件的属性值不进行解密处理，为true，则进行解密-->        <property name="secutiry">            <value>false</value>        </property>         <!—扩展PropertyPlaceholderConfigurerEX，最好使用解密算法也可在此处配置-->      </bean>     同1）datasource配置