原始配置
spring结合mysql,一般是单独出配置文件jdbc.properties,
配置如下
driverClassName=com.mysql.jdbc.Driver
db.mysql.url=jdbc:mysql://127.0.0.1:3306/tq?autoReconnect=true&useUnicode=true&characterEncoding=utf8
db.mysql.username=test
db.mysql.password=123456
配置spring-jdbc.xml,使其加载该配置项。示例如下:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:aop="http://www.springframework.org/schema/aop" xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"
default-autowire="byName">
<context:annotation-config />
<!-- 扫描组件,完成自动装配 -->
<context:component-scan base-package="com.tq.app.epg.dao" />
<bean id="propertyConfigurer"
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations">
<list>
<value>classpath:jdbc.properties</value>
</list>
</property>
</bean>
<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"
destroy-method="close" lazy-init="true" depends-on="propertyConfigurer">
<property name="driverClass" value="${driverClassName}" />
<property name="jdbcUrl" value="${db.mysql.url}" />
<property name="user" value="${db.mysql.username}" />
<property name="password" value="${db.mysql.password}" />
<property name="autoCommitOnClose" value="true" />
<property name="minPoolSize" value="5" />
<property name="maxPoolSize" value="80" />
<property name="maxIdleTime" value="1800" />
<property name="maxStatements" value="100" />
<property name="acquireIncrement" value="5" />
<property name="idleConnectionTestPeriod" value="6000" />
<property name="testConnectionOnCheckout" value="true" />
<property name="checkoutTimeout" value="10000" />
</bean>
<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource" ref="dataSource" />
</bean>
</beans>
按上面进行配置,由于数据库连接、账号、密码是明文,存在泄露风险。可以在配置文件中存密文,在spring读取该配置文件时,进行解密。
改进配置
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:aop="http://www.springframework.org/schema/aop" xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"
default-autowire="byName">
<context:annotation-config />
<!-- 扫描组件,完成自动装配 -->
<context:component-scan base-package="com.tq.app.epg.dao" />
<bean id="propertyConfigurer"
class="com.tq.app.epg.utils.config.GvtvPropertyPlaceholderConfigurer">
<property name="locations">
<list>
<value>classpath:jdbc.properties</value>
</list>
</property>
</bean>
<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"
destroy-method="close" lazy-init="true" depends-on="propertyConfigurer">
<property name="driverClass" value="${driverClassName}" />
<property name="jdbcUrl" value="${db.mysql.url}" />
<property name="user" value="${db.mysql.username}" />
<property name="password" value="${db.mysql.password}" />
<property name="autoCommitOnClose" value="true" />
<property name="minPoolSize" value="5" />
<property name="maxPoolSize" value="80" />
<property name="maxIdleTime" value="1800" />
<property name="maxStatements" value="100" />
<property name="acquireIncrement" value="5" />
<property name="idleConnectionTestPeriod" value="6000" />
<property name="testConnectionOnCheckout" value="true" />
<property name="checkoutTimeout" value="10000" />
</bean>
<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource" ref="dataSource" />
</bean>
</beans>
注意上面类GvtvPropertyPlaceholderConfigurer,该类的实现如下:
package com.tq.app.epg.utils.config;
import java.util.Enumeration;
import java.util.Properties;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
public class GvtvPropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {
@Override
protected void processProperties(ConfigurableListableBeanFactory beanFactoryToProcess, Properties props) throws BeansException {
AESHelper aesHelper = new AESHelper();
Enumeration<?> keys = props.propertyNames();
while (keys.hasMoreElements()) {
String key = (String)keys.nextElement();
String value = props.getProperty(key);
if (key.endsWith(".encryption") && null != value) {
props.remove(key);
key = key.substring(0, key.length() - 11);
value = aesHelper.decrypt(value.trim());
props.setProperty(key, value);
}
System.setProperty(key, value);
}
super.processProperties(beanFactoryToProcess, props);
}
}
相应的jdbc.properties变为
driverClassName=com.mysql.jdbc.Driver
db.mysql.url.encryption=XXXXXXXXXXXXXXXXXXXXXXX
db.mysql.username.encryption=D12450E55E370A310C1AAAB5189BB42A
db.mysql.password.encryption=ADC6327D7DB1D55623B70B48614A331B
另附AESHelper类:
package com.tq.app.epg.utils.config;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.MessageDigest;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
/**
* <一句话功能简述>
*/
public class AESHelper {
Cipher ecipher;
Cipher dcipher;
/**
* Input a string that will be md5 hashed to create the key.
*
* @return void, cipher initialized
*/
public AESHelper() {
try {
SecretKeySpec skey = new SecretKeySpec("9f265d42ab3c66d8f50a3a2e793a30c2".getBytes(), "AES");
this.setupCrypto(skey);
}
catch (Exception e) {
e.printStackTrace();
}
}
public AESHelper(String key) {
SecretKeySpec skey = new SecretKeySpec(getMD5(key), "AES");
this.setupCrypto(skey);
}
private void setupCrypto(SecretKey key) {
// Create an 8-byte initialization vector
byte[] iv = new byte[]
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
try {
ecipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
dcipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
// CBC requires an initialization vector
ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
}
catch (Exception e) {
e.printStackTrace();
}
}
// Buffer used to transport the bytes from one stream to another
// byte[] buf = new byte[1024];
public void encrypt(InputStream in, OutputStream out) {
byte[] buf = new byte[1024];
try {
// Bytes written to out will be encrypted
out = new CipherOutputStream(out, ecipher);
// Read in the cleartext bytes and write to out to encrypt
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
}
out.close();
}
catch (java.io.IOException e) {
e.printStackTrace();
}
}
/**
* Input is a string to encrypt.
*
* @return a Hex string of the byte array
*/
public String encrypt(String plaintext) {
try {
byte[] ciphertext = ecipher.doFinal(plaintext.getBytes("UTF-8"));
return byteToHex(ciphertext);
}
catch (Exception e) {
e.printStackTrace();
return null;
}
}
public void decrypt(InputStream in, OutputStream out) {
try {
byte[] buf = new byte[1024];
// Bytes read from in will be decrypted
in = new CipherInputStream(in, dcipher);
// Read in the decrypted bytes and write the cleartext to out
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
}
out.close();
}
catch (java.io.IOException e) {
e.printStackTrace();
}
}
/**
* Input encrypted String represented in HEX
*
* @return a string decrypted in plain text
*/
public String decrypt(String hexCipherText) {
try {
String plaintext = new String(dcipher.doFinal(hexToByte(hexCipherText)), "UTF-8");
return plaintext;
}
catch (Exception e) {
e.printStackTrace();
return null;
}
}
public String decrypt(byte[] ciphertext) {
try {
String plaintext = new String(dcipher.doFinal(ciphertext), "UTF-8");
return plaintext;
}
catch (Exception e) {
e.printStackTrace();
return null;
}
}
private static byte[] getMD5(String input) {
try {
byte[] bytesOfMessage = input.getBytes("UTF-8");
MessageDigest md = MessageDigest.getInstance("MD5");
return md.digest(bytesOfMessage);
}
catch (Exception e) {
return null;
}
}
static final String HEXES = "0123456789ABCDEF";
public static String byteToHex(byte[] raw) {
if (raw == null) {
return null;
}
final StringBuilder hex = new StringBuilder(2 * raw.length);
for (final byte b : raw) {
hex.append(HEXES.charAt((b & 0xF0) >> 4)).append(HEXES.charAt((b & 0x0F)));
}
return hex.toString();
}
public static byte[] hexToByte(String hexString) {
int len = hexString.length();
byte[] ba = new byte[len / 2];
for (int i = 0; i < len; i += 2) {
ba[i / 2] =
(byte)((Character.digit(hexString.charAt(i), 16) << 4) + Character.digit(hexString.charAt(i + 1), 16));
}
return ba;
}
}
版权声明:本文为博主原创文章,未经博主允许不得转载。
分享到:
相关推荐
这是一个简单的案例用来实现Spring中jdbc.properties属性文件进行密文处理,代码中的学生实体自己根据需要在数据库中进行创建
druid配置数据库连接使用密文密码,数据库密码使用明文是不安全的
HTML基于Web的数据库加密与密文检索系统源码HTML基于Web的数据库加密与密文检索系统源码HTML基于Web的数据库加密与密文检索系统源码HTML基于Web的数据库加密与密文检索系统源码HTML基于Web的数据库加密与密文检索...
下载nacos源码之后进行代码编写,修改了前端用户名和密码加密传输,后端使用RSA算法将收到的信息进行解码判断。内容包含源代码、打包之后的zip文件以及tar.gz文件,可以直接使用。 适用人群:项目使用nacos作为注册...
主要介绍了Springboot项目对数据库用户名密码实现加密过程解析,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友可以参考下
详细讲解tomcat 连接池数据库解密加密方法以及过程。
思科密文密码破解 根据加密后的密码推算出明文密码
注:如何得到密文,可以参考以下路径:1、得到光猫的超级用户名和密码(可根据运营商及光猫型号自行百度得到)。2、通过Chrome内核的浏览器,进入光猫配置界面后在网络设置界面找到用于上网的通道(一般会标注...
C语言中,登录系统输入密码在显示屏上显示密文。
javaweb项目中在前台传送密码时使用密文将密码传送到后台
Tomcat 配置文件数据库密码加密,增加factory属性和修改context.xml文件中密码为密文,在lib文件中添加自定义的factory类 代码是jdk1.8版本,包含简单的加密类和http请求,如果使用简单的加密,不需要引用额外的lib...
添加远程登陆用户,并设置用户密码及密码加密方式 进入AAA模式命令行下: 输入 :local-user test password cipher welcome 添加新用户为:test 密码为:welcome 加密模式为:cipher 密文加密 .
明文变密文和密文变明文 对于学习如何用密钥把明文变密文,再解密很有用!
密文全文检索系统中的索引机制研究的文献文献
一种密文数据库的访问控制模型,唐一鸿,彭维平,采用密文数据库模式是克服DBSP中授权用户可以在无任何访问控制约束的情况下获取数据的缺陷的一种通用解决方法,而密文数据库中对��
1. 密钥K1进DES加密 2. K2对步骤1的结果进DES解密 3. 步骤2的结果使密钥K1进DES加密
密文数据库查询优化技术的研究,李刚彪,闫宏印,为了解决数据库加密后查询效率低的问题,针对数据库加密技术的实际应用,提出了一些解决方案。通过对数值型密文数据使用标志位,
数据库密文检索技术的设计与实现 论文 讲述对称算法 hash算法等
华为实习密文cipherText破解。原文:https://blog.csdn.net/jack400/article/details/89944239
使用AES256加密技术实现tomcat7对连接池数据库密码加密解密,资源中包含加密小程序,小程序实现加密,tomcat中实现解密,方便客户自己修改数据库密码且是密文!支持多操作系统如:linux mac os 文件太多分成两部分请...