1、使用AES对称加密数据库密码
public class AesUtils {
private final static String KEY="112b3b4d5e6f7m8n";
private static final String KEY_ALGORITHM = "AES";
/**"算法/模式/补码方式"*/
private static final String CIPHER_ALGORITHM = "AES/ECB/PKCS5Padding";
private static final String DEFAULT_CHARSET = "UTF-8";
public static String encrypt(String content) {
try {
byte[] byteContent = content.getBytes(DEFAULT_CHARSET);
SecretKeySpec sKeySpec = new SecretKeySpec(KEY.getBytes(), KEY_ALGORITHM);
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, sKeySpec);
byte[] encrypted = cipher.doFinal(byteContent);
return new String(Base64Utils.encode(encrypted));
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException(e);
}
}
public static String decrypt(String content) {
try {
byte[] byteContent = Base64Utils.decodeFromString(content);
SecretKeySpec key = new SecretKeySpec(KEY.getBytes(), KEY_ALGORITHM);
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] rByte = cipher.doFinal(byteContent);
return new String(rByte, DEFAULT_CHARSET);
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException(e);
}
}
}
AesUtils.encrypt("root")运算得出数据库加密后密码 Wb3QAAhCDQvcNSzVz5z3lw=
2、数据源配置
yml文件:
spring:
datasource:
type: com.alibaba.druid.pool.DruidDataSource
driverClassName: com.mysql.cj.jdbc.Driver
one:
url: jdbc:mysql://${serverIp}:3306/cateen_db?useUnicode=true&characterEncoding=utf-8
username: root
password: Wb3QAAhCDQvcNSzVz5z3lw==
two:
url: jdbc:mysql://${serverIp}:3306/fee_db?useUnicode=true&characterEncoding=utf-8
username: root
password: Wb3QAAhCDQvcNSzVz5z3lw==
数据源注入spring
@Configuration
public class MyDataSourceConfig {
@Bean("dataSourceOne")
@ConfigurationProperties(prefix = "spring.datasource.one")
public DruidDataSource dataSourceOne(){
return new DruidDataSource();
}
@Bean("dataSourceTwo")
@ConfigurationProperties(prefix = "spring.datasource.two")
public DruidDataSource dataSourceTwo(){
return new DruidDataSource();
}
}
3、数据库密码解密
@Component
public class CustomBeanPostProcessor extends ConfigurationClassPostProcessor implements BeanPostProcessor {
private final static Logger LOGGER = LoggerFactory.getLogger(CustomBeanPostProcessor.class);
private ConfigurableListableBeanFactory beanFactory;
@Override
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) {
super.postProcessBeanFactory(beanFactory);
this.beanFactory=beanFactory;
}
@Override
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
String dataSourceOne ="dataSourceOne";
String dataSourceTwo ="dataSourceTwo";
if (StringUtils.equals(dataSourceOne,beanName)){
DruidDataSource druidDataSourceOne = (DruidDataSource) beanFactory.getBean(dataSourceOne);
String password = druidDataSourceOne.getPassword();
LOGGER.info("druidDataSourceOne--->pwd="+ password);
druidDataSourceOne.setPassword(AesUtils.decrypt(password));
}
if (StringUtils.equals(dataSourceTwo,beanName)){
DruidDataSource druidDataSourceTwo = (DruidDataSource) beanFactory.getBean(dataSourceTwo);
String password = druidDataSourceTwo.getPassword();
LOGGER.info("druidDataSourceTwo--->pwd="+ password);
druidDataSourceTwo.setPassword(AesUtils.decrypt(password));
}
return bean;
}
}