将编码密码用于spring applicationContext.xml中使用的数据源 [英] Using encoded password for the datasource used in spring applicationContext.xml

查看:130
本文介绍了将编码密码用于spring applicationContext.xml中使用的数据源的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我想在下面提到的springApplicationContext.xml中保留编码密码。

有什么办法可以达到这个目的吗?



目前我已经使用属性占位符
配置了所有属性,如下所示,但原始密码仍在我的database.properties中打开



springApplicationContext.xml



 < bean:bean id =dataSourceclass =org .apache.commons.dbcp.BasicDataSourcedestroy-method =close> 
< beans:property name =driverClassName>< beans:value> $ {db.driverClassName}< / beans:value>< / beans:property>
< beans:property name =url>< beans:value> $ {db.url}< / beans:value>< / beans:property>
< beans:property name =username>< beans:value> $ {db.username}< / beans:value>< / beans:property>
< beans:property name =password>< beans:value> $ {db.password}< / beans:value>< / beans:property>
< / beans:bean>

但实际值出现在我的 database.properties

  db.driverClassName = com.mysql.jdbc.Driver 
db.url = jdbc:mysql:/ / localhost / myDB
db.username = root
db.password = root

我想要下面的东西:

springApplicationContext.xml(与上面相同)



 < beans:bean id =dataSourceclass =org.apache.commons.dbcp.BasicDataSourcedestroy-method =close> 
< beans:property name =driverClassName>< beans:value> $ {db.driverClassName}< / beans:value>< / beans:property>
< beans:property name =url>< beans:value> $ {db.url}< / beans:value>< / beans:property>
< beans:property name =username>< beans:value> $ {db.username}< / beans:value>< / beans:property>
< beans:property name =password>< beans:value> $ {db.password}< / beans:value>< / beans:property>
< / beans:bean>

但是,密码属性值应该在我的 database.properties

  db.driverClassName = com.mysql.jdbc.Driver 
db.url = jdbc :mysql:// localhost / myDB
db.username = root
db.password = 3g6n72ef8x(使用任何encription方法)。

并且在创建新的数据库连接之前,我的dataSource在内部解密密码。



非常感谢您对此提供的任何帮助/建议。

解决方案

对我自己的问题。但我仍然只想告诉我的解决方案,其他可能面临同样问题的人。为简单起见,我已经使用了BASE64编码器& BASE64Decoder。以后我会修改我的代码以使用安全/更好的加密/解密算法。

我使用下面的代码编码了我的数据库密码(例如:root)代码:

  private String encode(String str){
BASE64Encoder encoder = new BASE64Encoder();
str = new String(encoder.encodeBuffer(str.getBytes()));
return str;
}

并将编码密码放置在我的database.properties文件中,如下所示:



之前

  db.driverClassName = com.mysql.jdbc.Driver 
db.url = jdbc:mysql:// localhost / myDB
db.username = root
db.password = root

之后

  db.driverClassName = com.mysql.jdbc.Driver 
db.url = jdbc:mysql:// localhost / myDB
db.username = root $ b $ db.password = cm9vdA ==(注意:使用BASE64Encoder编码'root')

现在我已经为org.apache.commons.dbcp.BasicDataSource
编写了一个包装类,并覆盖了setPassword ()方法:

  import java.io.IOException; 
import org.apache.commons.dbcp.BasicDataSource;
导入sun.misc.BASE64Decoder;

public class MyCustomBasicDataSource extends BasicDataSource {
$ b $ public CustomBasicDataSource(){
super();


public synchronized void setPassword(String encodedPassword){
this.password = decode(encodedPassword);


private String decode(String password){
BASE64Decoder decoder = new BASE64Decoder();
字符串decodePassword = null;
尝试{
decodePassword = new String(decoder.decodeBuffer(password));
} catch(IOException e){
e.printStackTrace();
}
return decodedPassword;




$ b $ p
$ b这样我解码(BASE64Decoder)编码的密码在database.properties中提供

,并修改了springApplicationContext.xml文件中提到的dataSource bean的class属性。

 < beans:bean id =dataSourceclass =edu.config.db.datasource.custom.MyCustomBasicDataSourcedestroy-method =close> 
< beans:property name =driverClassName>< beans:value> $ {db.driverClassName}< / beans:value>< / beans:property>
< beans:property name =url>< beans:value> $ {db.url}< / beans:value>< / beans:property>
< beans:property name =username>< beans:value> $ {db.username}< / beans:value>< / beans:property>
< beans:property name =password>< beans:value> $ {db.password}< / beans:value>< / beans:property>



谢谢。


I want to keep encoded password in my below mentioned springApplicationContext.xml

Is there any way to achieve this?

presently I have configured all properties using property-placeholder as shown below but the raw password is still open in my database.properties

springApplicationContext.xml

<beans:bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
        <beans:property name="driverClassName"><beans:value>${db.driverClassName}</beans:value></beans:property>
        <beans:property name="url"><beans:value>${db.url}</beans:value></beans:property>
        <beans:property name="username"><beans:value>${db.username}</beans:value></beans:property>
        <beans:property name="password"><beans:value>${db.password}</beans:value></beans:property>
</beans:bean>

but actual values are present in my database.properties

db.driverClassName=com.mysql.jdbc.Driver
db.url=jdbc:mysql://localhost/myDB
db.username=root
db.password=root

I want something like below:

springApplicationContext.xml (same as above)

<beans:bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
        <beans:property name="driverClassName"><beans:value>${db.driverClassName}</beans:value></beans:property>
        <beans:property name="url"><beans:value>${db.url}</beans:value></beans:property>
        <beans:property name="username"><beans:value>${db.username}</beans:value></beans:property>
        <beans:property name="password"><beans:value>${db.password}</beans:value></beans:property>
</beans:bean>

But password property value should be in encripted format in my database.properties

db.driverClassName=com.mysql.jdbc.Driver
db.url=jdbc:mysql://localhost/myDB
db.username=root
db.password=3g6n72ef8x (using any encription method).

and my dataSource internally decrypt the password before making new DB connection.

Highly appreciate for any help/suggestion in this.

解决方案

Its might be funny that I am answering to my own question. but still I just wanted to tell my solution, others who might have faced same kind of issue..

for simplicity I have used BASE64Encoder & BASE64Decoder. later I will modify my code to use a secure/better encryption/decryption algorithm.

I have encoded my database password(ex: root for my case) by using the below code:

private String encode(String str) {
        BASE64Encoder encoder = new BASE64Encoder();
        str = new String(encoder.encodeBuffer(str.getBytes()));
        return str;
    }

and placed the encoded password in my database.properties file like below:

before

db.driverClassName=com.mysql.jdbc.Driver
db.url=jdbc:mysql://localhost/myDB
db.username=root
db.password=root

after

db.driverClassName=com.mysql.jdbc.Driver
db.url=jdbc:mysql://localhost/myDB
db.username=root
db.password=cm9vdA==  (Note: encoded 'root' by using BASE64Encoder)

Now I have written a wrapper class for org.apache.commons.dbcp.BasicDataSource and overridden setPassword() method:

import java.io.IOException;
import org.apache.commons.dbcp.BasicDataSource;
import sun.misc.BASE64Decoder;

public class MyCustomBasicDataSource extends BasicDataSource{

    public CustomBasicDataSource() {
        super();
    }

    public synchronized void setPassword(String encodedPassword){
        this.password = decode(encodedPassword);
    }

    private String decode(String password) {
        BASE64Decoder decoder = new BASE64Decoder();
        String decodedPassword = null;
        try {
            decodedPassword = new String(decoder.decodeBuffer(password));
        } catch (IOException e) {
            e.printStackTrace();
        }       
        return decodedPassword;
    }
}

This way I am decoding(BASE64Decoder) the encoded password provided in database.properties

and also modified the class attribute of my dataSource bean mentioned in springApplicationContext.xml file.

<beans:bean id="dataSource" class="edu.config.db.datasource.custom.MyCustomBasicDataSource" destroy-method="close">
    <beans:property name="driverClassName"><beans:value>${db.driverClassName}</beans:value></beans:property>
    <beans:property name="url"><beans:value>${db.url}</beans:value></beans:property>
    <beans:property name="username"><beans:value>${db.username}</beans:value></beans:property>
    <beans:property name="password"><beans:value>${db.password}</beans:value></beans:property>

Thanks.

这篇关于将编码密码用于spring applicationContext.xml中使用的数据源的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆