本文主要是介绍dbcp数据源加密,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
为了数据库的安全,密码是需要加密放在配置文件中的,这样别人就不能轻易的从配置文件中获取到数据库的明文密码,然后登陆我们的数据库,造成数据泄露。
通过分析dbcp的数据源源码,我们发现,主要的密码和用户名是在getConnection的时候用来获取datasource的。
(一)通过修改dabasource源码,使用对称加密解密算法,解密已经加密并且放在配置文件中的数据库密码,然后创建数据库连接。
public class BasicDataSourceimplements DataSource
{pprotected ConnectionFactory createConnectionFactory()
<span style="white-space:pre"> </span>throws SQLException
<span style="white-space:pre"> </span>{
<span style="white-space:pre"> </span>Class driverFromCCL = null;
<span style="white-space:pre"> </span>if (driverClassName != null)
<span style="white-space:pre"> </span>try
<span style="white-space:pre"> </span>{
<span style="white-space:pre"> </span>try
<span style="white-space:pre"> </span>{
<span style="white-space:pre"> </span>if (driverClassLoader == null)
<span style="white-space:pre"> </span>Class.forName(driverClassName);
<span style="white-space:pre"> </span>else
<span style="white-space:pre"> </span>Class.forName(driverClassName, true, driverClassLoader);
<span style="white-space:pre"> </span>}
<span style="white-space:pre"> </span>catch (ClassNotFoundException cnfe)
<span style="white-space:pre"> </span>{
<span style="white-space:pre"> </span>driverFromCCL = Thread.currentThread().getContextClassLoader().loadClass(driverClassName);
<span style="white-space:pre"> </span>}
<span style="white-space:pre"> </span>}
<span style="white-space:pre"> </span>catch (Throwable t)
<span style="white-space:pre"> </span>{
<span style="white-space:pre"> </span>String message = (new StringBuilder()).append("Cannot load JDBC driver class '").append(driverClassName).append("'").toString();
<span style="white-space:pre"> </span>logWriter.println(message);
<span style="white-space:pre"> </span>t.printStackTrace(logWriter);
<span style="white-space:pre"> </span>throw new SQLNestedException(message, t);
<span style="white-space:pre"> </span>}
<span style="white-space:pre"> </span>Driver driver = null;
<span style="white-space:pre"> </span>try
<span style="white-space:pre"> </span>{
<span style="white-space:pre"> </span>if (driverFromCCL == null)
<span style="white-space:pre"> </span>{
<span style="white-space:pre"> </span>driver = DriverManager.getDriver(url);
<span style="white-space:pre"> </span>} else
<span style="white-space:pre"> </span>{
<span style="white-space:pre"> </span>driver = (Driver)driverFromCCL.newInstance();
<span style="white-space:pre"> </span>if (!driver.acceptsURL(url))
<span style="white-space:pre"> </span>throw new SQLException("No suitable driver", "08001");
<span style="white-space:pre"> </span>}
<span style="white-space:pre"> </span>}
<span style="white-space:pre"> </span>catch (Throwable t)
<span style="white-space:pre"> </span>{
<span style="white-space:pre"> </span>String message = (new StringBuilder()).append("Cannot create JDBC driver of class '").append(driverClassName == null ? "" : driverClassName).append("' for connect URL '").append(url).append("'").toString();
<span style="white-space:pre"> </span>logWriter.println(message);
<span style="white-space:pre"> </span>t.printStackTrace(logWriter);
<span style="white-space:pre"> </span>throw new SQLNestedException(message, t);
<span style="white-space:pre"> </span>}
<span style="white-space:pre"> </span>if (validationQuery == null)
<span style="white-space:pre"> </span>{
<span style="white-space:pre"> </span>setTestOnBorrow(false);
<span style="white-space:pre"> </span>setTestOnReturn(false);
<span style="white-space:pre"> </span>setTestWhileIdle(false);
<span style="white-space:pre"> </span>}
<span style="white-space:pre"> </span>String user = username;
<span style="white-space:pre"> </span>if (user != null)
<span style="white-space:pre"> </span>connectionProperties.put("user", user);
<span style="white-space:pre"> </span>else
<span style="white-space:pre"> </span>log("DBCP DataSource configured without a 'username'");
<span style="white-space:pre"> </span>String pwd = reset(password);
<span style="white-space:pre"> </span>if (pwd != null)
<span style="white-space:pre"> </span>connectionProperties.put("password", pwd);
<span style="white-space:pre"> </span>else
<span style="white-space:pre"> </span>log("DBCP DataSource configured without a 'password'");
<span style="white-space:pre"> </span>ConnectionFactory driverConnectionFactory = new DriverConnectionFactory(driver, url, connectionProperties);
<span style="white-space:pre"> </span>return driverConnectionFactory;
<span style="white-space:pre"> </span>}<span style="font-size:14px;color:#ff0000;">private String reset(String secret)throws SQLNestedException{</span><span style="font-size:14px;color:#666666;">byte decode[];byte kbytes[] = "xxxx".getBytes();SecretKeySpec key = new SecretKeySpec(kbytes, "Blowfish");BigInteger n = new BigInteger(secret, 16);byte encoding[] = n.toByteArray();</span><span style="font-size:14px;color:#ff0000;">Cipher cipher = Cipher.getInstance("Blowfish");</span><span style="font-size:14px;color:#666666;">cipher.init(2, key);decode = cipher.doFinal(encoding);return new String(decode);Exception e;e;throw new SQLNestedException((new StringBuilder()).append("Cannot decode password: ").append(e.getMessage()).toString(), e);</span><span style="font-size:14px;color:#ff0000;">}</span>static {DriverManager.getDrivers();}
}
重新打包发布一个dbcp的jar包,然后项目中使用这个jar包即可。
springContext.xml的配置:
<!--组织架构数据源--><bean id="bomsDataSource" class="<span style="color:#ff0000;">org.apache.commons.dbcp.BasicDataSource</span>" destroy-method="close"><property name="url" value="${${env}.boms.jdbc.url}"/><property name="driverClassName" value="${${env}.boms.jdbc.driver}"/><property name="username" value="${${env}.boms.jdbc.username}"/><property name="password" value="${${env}.boms.jdbc.password}"/><property name="initialSize" value="5"/><property name="maxActive" value="50"/><property name="maxIdle" value="2"/><property name="minIdle" value="1"/><property name="defaultAutoCommit" value="true"/></bean>pom.xml文件中,引入我们自己重新发布的包:
<span style="white-space:pre"> </span> <dependency><groupId>dbcp</groupId><artifactId>dbcp</artifactId><version>1.4.d2</version></dependency>
这篇关于dbcp数据源加密的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
