Druid是什么
Druid是Java语言中最好的数据库连接池。Druid能够提供强大的监控和扩展功能。
正常的druid.properties配置:
driverClassName=com.mysql.jdbc.Driver
url=jdbc:mysql://localhost:3306/test_db?useUnicode=true&characterEncoding=UTF-8
username=root
password=123456
initialSize=3
minIdle=2
maxActive=300
maxWait=60000
timeBetweenEvictionRunsMillis=60000
minEvictableIdleTimeMillis=300000
validationQuery=SELECT 'x'
testWhileIdle=true
testOnBorrow=false
testOnReturn=false
poolPreparedStatements=false
maxPoolPreparedStatementPerConnectionSize=20
removeAbandoned=false
removeAbandonedTimeout=1800
logAbandoned=true
#filters=stat,wall,log4j
filters=stat
可以看到数据库密码直接写在配置中,对运维安全来说,是一个很大的挑战。Druid为此提供一种数据库密码加密的手段ConfigFilter。
加密数据库密码
直接使用druid jar包:
java -cp druid-1.1.9.jar com.alibaba.druid.filter.config.ConfigTools 123456
driverClassName=com.mysql.jdbc.Driver
url=jdbc:mysql://localhost:3306/test_db?useUnicode=true&characterEncoding=UTF-8
username=root
password=加密后的密码,即上图的password
initialSize=3
minIdle=2
maxActive=300
maxWait=60000
timeBetweenEvictionRunsMillis=60000
minEvictableIdleTimeMillis=300000
validationQuery=SELECT 'x'
testWhileIdle=true
testOnBorrow=false
testOnReturn=false
poolPreparedStatements=false
maxPoolPreparedStatementPerConnectionSize=20
removeAbandoned=false
removeAbandonedTimeout=1800
logAbandoned=true
filters=stat,config
connectionProperties=config.decrypt=true;config.decrypt.key=加密后的公钥,即上图的publickey
参考阿里巴巴官方文档:https://github.com/alibaba/druid/wiki/%E5%B8%B8%E8%A7%81%E9%97%AE%E9%A2%98