一般spring容器启动时,通过PropertyPlaceholderConfigurer类读取jdbc.properties文件里的数据库配置信息。
通过这个原理,我们把加密后的数据库配置信息放到jdbc.properties文件里,然后自定义一个继承PropertyPlaceholderConfigurer的类,实现解密,把解密后的信息又放回去。最后在配置DataSource时,还是用占位符${}取配置信息。
jdbc.properties文件内容:
jdbc.driverClassName = 4A490AA9B8CD7DBD61E70367C868F950541890F991000CD76A707177A0A507B9 jdbc.url = FA0DD23D31BCF4C6058626849C4611455A74B444893626DE9CF7D1E05F15586C54C098BFA29BC54A jdbc.username = 5DE376A122083A8945FF13A1D5AFD452 jdbc.password = 5DE376A122083A8945FF13A1D5AFD452
自定义的取加密信息的类EncryptablePropertyPlaceholderConfigurer
public class EncryptablePropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {
private static final String key = "0002000200020002";
protected void processProperties(ConfigurableListableBeanFactory beanFactory, Properties props)
throws BeansException {
try {
Des des = new Des();
String username = props.getProperty("jdbc.username");
if (username != null) {
props.setProperty("jdbc.username", des.Decrypt(username, des.hex2byte(key)));
}
String password = props.getProperty("jdbc.password");
if (password != null) {
props.setProperty("jdbc.password", des.Decrypt(password, des.hex2byte(key)));
}
String url = props.getProperty("jdbc.url");
if (url != null) {
props.setProperty("jdbc.url", des.Decrypt(url, des.hex2byte(key)));
}
String driverClassName = props.getProperty("jdbc.driverClassName");
if(driverClassName != null){
props.setProperty("jdbc.driverClassName", des.Decrypt(driverClassName, des.hex2byte(key)));
}
super.processProperties(beanFactory, props);
} catch (Exception e) {
e.printStackTrace();
throw new BeanInitializationException(e.getMessage());
}
}
Des.java是一个用Des算法加密和解密的工具类
//加密
public static String Encrypt(String str, byte[] key){
Security.addProvider(new com.sun.crypto.provider.SunJCE());
byte[] encrypt = encryptMode(key, str.getBytes());
return byte2hex(encrypt);
}
//解密
public static String Decrypt(String str, byte[] key){
Security.addProvider(new com.sun.crypto.provider.SunJCE());
byte[] decrypt = decryptMode(key, hex2byte(str));
return new String(decrypt);
}
spring配置:
<bean id="propertyConfigurer" class="com.eeds.core.security.datasource.EncryptablePropertyPlaceholderConfigurer"> <property name="locations"> <list> <value>classpath:config/spring/jdbc-test.properties</value> </list> </property> </bean>
<!-- 测试环境 --> <bean id="econsoleDS" class="com.mchange.v2.c3p0.ComboPooledDataSource" destroy-method="close"> <property name="driverClass"> <value>${jdbc.driverClassName}</value> </property> <property name="jdbcUrl"> <value>${jdbc.url}</value> </property> <property name="user"> <value>${jdbc.username}</value> </property> <property name="password"> <value>${jdbc.password}</value> </property> </bean>
参考资料:
Spring配置密码加密
http://tech.it168.com/oldarticle/2007-03-07/200703071252520_3.shtml
http://blog.csdn.net/dyyaries/article/details/7399414