本文探讨了如何在使用Spring和Apache DBCP的BasicDataSource时,将密码从属性文件加密并配置到XML配置文件中。通过扩展Ant的Copy任务和FilterSet,实现了在构建过程中自动加密密码,并创建了一个名为EncryptionAwareDataSource的类,该类继承自BasicDataSource并在设置密码时解密。这样,配置文件中的密码以加密形式存储,但在运行时会被正确解密使用。
At present i am keeping the password [ unencrypted ] in a property file. This password get placed as is in the configuration xml using ant.
[ The configuration xml is for datasource, it is creating the object of dbcp.BasicDataSource ]
Now, is it possible that after the ant target the password is copied in encrypted form. Heard the Jasypt can do that! Till now i haven't tried this. But, the problem doesn't end here. BasicDataSource do not accept encrypted password. Is there any replacement for BasicDatasource.
FYI: I am using Spring, if that matters.
解决方案
Create a new task by extending existing task Copy( responsible for file-copy ). Create a new type by extending FilterSet ( responsible for filtering of tokens ).
see the code here:-
http://stackoverflow.com/questions/3657910/how-to-create-nested-element-for-ant-task
build.xml
blah-blah.properties
property1=value1
property2=value2
PASSWORD=^&YUII%%&*(
USERNAME=rjuyal
CONNECTION_URL=...
someotherproperty=value
configuration xml
class="com.xyz.datasource.EncryptionAwareDataSource"
destroy-method="close" autowire="byName">
com.ibm.db2.jcc.DB2Driver
@CONNECTION_URL@
@USERNAME@
@PASSWORD@
true
10
10
...
...
...
After the execution of the target the xml is copied with values from properties file. Password will be encrypted.
This will handle the encrypted password.
EncryptionAwareDataSource
public class EncryptionAwareDataSource extends BasicDataSource{
@Override
public synchronized void setPassword(String password) {
super.setPassword(Encryptor.getDecryptedValue( password ));
}
}
That' all ;)
663
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
