需求是这样,出于安全考虑需要yml中数据库密码以加密字符串的形式存在,先行找到使用Jasypt进行加密的方式,说不行,最好不要引进新的依赖。
通过搜索发现可以通过重写数据源的getPassword()方法进行自行解密,实现方法如下:
@Slf4j
public class UmspscDataSource extends HikariDataSource {
private String passwordDis;
/**
* 密匙
*/
private final static String PKEY ="1234565437892132";
@Override
public String getPassword(){
if(StringUtils.isNotBlank(passwordDis)){return passwordDis;}
String encPassword = super.getPassword();
if(null==encPassword){
return null;
}
log.info("数据库密码加解密,{"+encPassword+"}");
try{
//替换自己的解密规则
passwordDis =encPassword.replace(PKEY,"");
return passwordDis;
}catch (Exception e){
log.error("数据库密码解密出错,{"+encPassword+"}");
log.info(e.getMessage());
return null;
}
}
}
import com.zaxxer.hikari.HikariDataSource;
import org.springframework.beans.factory.annotation.Autowire;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Primary;
import org.springframework.stereotype.Component;
@Component
public class CommonBeanFactory {
@Bean(name = "dataSource", autowire = Autowire.NO)
@Primary
//从yaml文件中读取spring.datasource节点下的配置项
@ConfigurationProperties(ignoreUnknownFields = false, prefix = "spring.datasource")
public HikariDataSource dataSource() {
//以自己的获取数据源对象实现替换HikariDataSource
HikariDataSource druidDataSource = new UmspscDataSource();
return druidDataSource;
}
}
yaml文件配置如下:
spring:
datasource:
jdbcUrl: jdbc:mysql://111.111.111.111:3306/hedu?useAffectedRows=true&useSSL=false&useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC
username: root
password: Root2017#1234565437892132
driver-class-name: com.mysql.cj.jdbc.Driver
connection-test-query: SELECT 1
maximum-pool-size: 150
minimum-idle: 2
注意:
1.以前配置文件中用的spring.datasource.url需要更换为jdbcUrl
2.以前的spring.datasource.hikari.connection-test-query等配置需要挪到datasource节点之下,否则读不到会报错。