引言

咱们公司从事的是信息安全涉密应用的一些项目研发一共有分为三步,相比较于一般公司和一般的项目,对于信息安全要求更加严格,领导要求数据量和用户的用户名及密码信息都必需是要密文配置和存储的,这就涉及到jdbc.properties文件中的数据库的用户名和密码也是一样的,需要配置问密文,在连接的时候再加载解密为明文进行数据库的连接操作,以下就是实现过程,一共有分为三步。

一、创建DESUtil类

提供自定义密钥,加密解密的方法。

package com.hzdy.DCAD.common.util;import sun.misc.BASE64Decoder;import sun.misc.BASE64Encoder;import javax.crypto.Cipher;import javax.crypto.KeyGenerator;import java.security.Key;import java.security.SecureRandom;/** * Created by Wongy on 2019/8/8. */public class DESUtil {  private static Key key;  //自己的密钥  private static String KEY_STR = "mykey";  static {    try {      KeyGenerator generator = KeyGenerator.getInstance("DES");      SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");      secureRandom.setSeed(KEY_STR.getBytes());      generator.init(secureRandom);      key = generator.generateKey();      generator = null;    } catch (Exception e) {      throw new RuntimeException(e);    }  }  /**   * 对字符串进行加密,返回BASE64的加密字符串   *   * @param str   * @return   * @see [类、类#方法、类#成员]   */  public static String getEncryptString(String str) {    BASE64Encoder base64Encoder = new BASE64Encoder();    try {      byte[] strBytes = str.getBytes("UTF-8");      Cipher cipher = Cipher.getInstance("DES");      cipher.init(Cipher.ENCRYPT_MODE, key);      byte[] encryptStrBytes = cipher.doFinal(strBytes);      return base64Encoder.encode(encryptStrBytes);    } catch (Exception e) {      throw new RuntimeException(e);    }  }  /**   * 对BASE64加密字符串进行解密   *   */  public static String getDecryptString(String str) {    BASE64Decoder base64Decoder = new BASE64Decoder();    try {      byte[] strBytes = base64Decoder.decodeBuffer(str);      Cipher cipher = Cipher.getInstance("DES");      cipher.init(Cipher.DECRYPT_MODE, key);      byte[] encryptStrBytes = cipher.doFinal(strBytes);      return new String(encryptStrBytes, "UTF-8");    } catch (Exception e) {      throw new RuntimeException(e);    }  }  public static void main(String[] args) {    String name = "dbuser";    String password = "waction2016";    String encryname = getEncryptString(name);    String encrypassword = getEncryptString(password);    System.out.println("encryname : " + encryname);    System.out.println("encrypassword : " + encrypassword);    System.out.println("name : " + getDecryptString(encryname));    System.out.println("password : " + getDecryptString(encrypassword));  }}

建立与配置文件的关联。

package com.hzdy.DCAD.common.util;import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;public class EncryptPropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {  //属性需与配置文件的KEY保持一直  private String[] encryptPropNames = {"jdbc.username", "jdbc.password"};  @Override  protected String convertProperty(String propertyName, String propertyValue) {    //如果在加密属性名单中发现该属性     if (isEncryptProp(propertyName)) {      String decryptValue = DESUtil.getDecryptString(propertyValue);      System.out.println(decryptValue);      return decryptValue;    } else {      return propertyValue;    }  }  private boolean isEncryptProp(String propertyName) {    for (String encryptName : encryptPropNames) {      if (encryptName.equals(propertyName)) {        return true;      }    }    return false;  }}
#加密配置之前#jdbc.driver=com.mysql.jdbc.Driver#jdbc.user=root#jdbc.password=root#jdbc.url=jdbc:mysql://localhost:3306/bookstore#加密配置之后jdbc.driver=com.mysql.jdbc.Driverjdbc.user=Ov4j7fKiCzY=jdbc.password=Ov4j7fKiCzY=jdbc.url=jdbc:mysql://localhost:3306/bookstore
将spring-context中的 <context:property-placeholder location="classpath:.properties" /> 修改为 <bean class="com.hzdy.DCAD.common.util.EncryptPropertyPlaceholderConfigurer"p:locations="classpath:*.properties"/> //注意只能存在一个读取配置文件的bean,否则系统只会读取最前面的
package com.thinkgem.jeesite.common.encrypt;import java.sql.Connection;import java.sql.SQLException;import java.util.Properties;import javax.security.auth.callback.PasswordCallback;import com.alibaba.druid.util.DruidPasswordCallback;/** */@SuppressWarnings("serial")public class DruidDataSource extends com.alibaba.druid.pool.DruidDataSource {  public PhysicalConnectionInfo createPhysicalConnection() throws SQLException {    String url = this.getUrl();    Properties connectProperties = getConnectProperties();    String user;    if (getUserCallback() != null) {      user = getUserCallback().getName();    } else {      user = getUsername();    }    //DES解密    user = DESUtils.getDecryptString(user);    String password = DESUtils.getDecryptString(getPassword());    PasswordCallback passwordCallback = getPasswordCallback();    if (passwordCallback != null) {      if (passwordCallback instanceof DruidPasswordCallback) {        DruidPasswordCallback druidPasswordCallback = (DruidPasswordCallback) passwordCallback;        druidPasswordCallback.setUrl(url);        druidPasswordCallback.setProperties(connectProperties);      }      char[] chars = passwordCallback.getPassword();      if (chars != null) {        password = new String(chars);      }    }    Properties physicalConnectProperties = new Properties();    if (connectProperties != null) {      physicalConnectProperties.putAll(connectProperties);    }    if (user != null && user.length() != 0) {      physicalConnectProperties.put("user", user);    }    if (password != null && password.length() != 0) {      physicalConnectProperties.put("password", password);    }    Connection conn;    long connectStartNanos = System.nanoTime();    long connectedNanos, initedNanos, validatedNanos;    try {      conn = createPhysicalConnection(url, physicalConnectProperties);      connectedNanos = System.nanoTime();      if (conn == null) {        throw new SQLException("connect error, url " + url + ", driverClass " + this.driverClass);      }      initPhysicalConnection(conn);      initedNanos = System.nanoTime();      validateConnection(conn);      validatedNanos = System.nanoTime();      setCreateError(null);    } catch (SQLException ex) {      setCreateError(ex);      throw ex;    } catch (RuntimeException ex) {      setCreateError(ex);      throw ex;    } catch (Error ex) {      createErrorCount.incrementAndGet();      throw ex;    } finally {      long nano = System.nanoTime() - connectStartNanos;      createTimespan += nano;    }    return new PhysicalConnectionInfo(conn, connectStartNanos, connectedNanos, initedNanos, validatedNanos);  }}
#修改之前<!-- <bean id="dataSource" class="com.alibaba.druid.pool.DruidDataSource" init-method="init" destroy-method="close"> -->#修改之后<bean id="dataSource"class="com.thinkgem.jeesite.common.encrypt.DruidDataSource"     init-method="init" destroy-method="close">    <!-- 数据源驱动类可不写,Druid默认会自动根据URL识别DriverClass -->    <property name="driverClassName" value="${jdbc.driver}" />    <!-- 基本属性 url、user、password -->    <property name="url" value="${jdbc.url}" />    <property name="username" value="${jdbc.username}" />    <property name="password" value="${jdbc.password}" />  </bean>

总结

更多相关文章

  1. EditText的属性:android:selectAllOnFocus
  2. Android(安卓)SyncManager 实现
  3. Android(安卓)webview记住账号密码
  4. 相对布局(RelativeLayout)写的QQ登录界面
  5. Android:SNS客户端开发四:数据库操作(二)
  6. Android登录界面开发及响应;页面跳转;传参
  7. Android(安卓)根据账号和密码自动连接 WIFI (兼容Android(安卓)10
  8. Android(安卓)Studio简单的登录界面
  9. Android(安卓)Content Providers(二)——Contacts Provider

随机推荐

  1. MySQL是一个非常流行的小型关系型数据库
  2. mysql5.7 Access denied for user 'root'
  3. 分页检索大型ResultSet
  4. MYSQL SET类型字段的SQL查询某个字段保函
  5. C运行查询显示命令不同步?
  6. MySQL中如何插入blob类型数据
  7. mysql 排序两个字段/列表先根据时间升序
  8. 尝试删除sql中的重复记录,但查询进入无限
  9. MySql反向模糊查询
  10. 如何创建a '。sql的文件