由于tomcat 未提供数据源加密逻辑,有需要的可以参考以下
将解压后得到的tomcatJNDIEncrypt.jar 拷贝至tomcat7主目录/lib 目录中。
修改至tomcat7主目录/conf/context.xml 中的Resource标签,添加
factory="aurora.tomcat.jndi.encrypt.AuroraTomcat7SecurityBasicDataSourceFactory"
![在这里插入图片描述](https://i-blog.csdnimg.cn/blog_migrate/cf4804aa63216bc95529cb02fbb5cb6e.png)
- 写入加密后的密码,重启tomcat。
核心代码如下
package aurora.tomcat.jndi.encrypt;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.Name;
import org.apache.tomcat.dbcp.dbcp.BasicDataSource;
import aurora.security.crypto.encrypt.Base64Encryptor;
public class AuroraTomcat7SecurityBasicDataSourceFactory extends org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory {
@Override
public Object getObjectInstance(Object obj, Name name, Context nameCtx, Hashtable environment) throws Exception {
Object o = super.getObjectInstance(obj, name, nameCtx, environment);
if (o != null) {
BasicDataSource ds = (BasicDataSource) o;
if (ds.getPassword() != null && ds.getPassword().length() > 0) {
String pwd = new Base64Encryptor().decrypt(ds.getPassword());
ds.setPassword(pwd);
}
return ds;
} else {
return null;
}
}
}