在 application.conf 中加密数据库密码 [英] Encrypting db password in application.conf
问题描述
Play 框架 [我使用的是 v1.2.3] 不支持存储在 application.conf 中的数据库密码加密.这存储为纯文本文件.DBPlugin 读取此属性并创建一个连接池.
Play framework [I'm using v1.2.3] does not support db password encryption stored in the application.conf. This is stored as a plain-text file. DBPlugin reads this property and creates a Connection pool.
要求是加密此密码 - 例如使用 Jasypt.一些企业将此作为一种安全措施.
The requirement is to encrypt this password - for e.g. using Jasypt. Some enterprises enforce this as a security measure.
有人试过这样做吗?
由于 DBPlugin 在 ApplicationStart 上加载,因此无法破解它.这就需要编写一个自定义插件和 onConfigurationRead 为 application.conf 属性的 db.password 设置一个新值.
Since DBPlugin loads on ApplicationStart, there is no way to hack it. That leaves to write a custom plugin and onConfigurationRead set a new value for the db.password of application.conf property.
有什么建议吗?
推荐答案
最后我通过编写 Play 插件解决了这个问题.编写 Play 插件也很容易.这是示例代码:
Finally I fixed this by writing a Play Plugin. Writing a Play plugin is also very easy. Here is the sample code:
package plugin;
import java.util.Properties;
import org.jasypt.util.text.StrongTextEncryptor;
import play.Play;
import play.PlayPlugin;
public class DBPasswordInject extends PlayPlugin {
@Override
public void onConfigurationRead() {
StrongTextEncryptor strongTextEncryptor = new StrongTextEncryptor();
strongTextEncryptor.setPassword("$Look##$2");// this password has been used to encrypt
String encryptedPassword = Play.configuration.getProperty("db.pass");
String decrypted = strongTextEncryptor.decrypt(encryptedPassword);
Play.configuration.setProperty("db.pass", decrypted); //override
super.onConfigurationRead();
}
}
唯一的缺点是我无法使用 org.jasypt.util.password.StrongPasswordEncryptor - 因为没有解密方法.
The only downside is that I was not able to use org.jasypt.util.password.StrongPasswordEncryptor - because there is no decrypt method.
这篇关于在 application.conf 中加密数据库密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!