具有Spring JDBC xml配置的Oracle Advanced Secuity加密 [英] Oracle Advanced Secuity encryption with Spring JDBC xml configuration

问题描述

有没有办法使Oracle的加密功能更高级 安全性纳入Spring JDBC dataSource配置?

Is there a way to bring the encryption features of Oracle advanced Security into Spring JDBC dataSource configuation?

DBA告诉我将以下参数传递给客户端的连接.

The DBA told me to pass the following arguments into the connection on client side.

sqlnet.encryption_client = requested
sqlnet.encryption_types_client = (RC4_128)
sqlnet.crypto_checksum_client = requested
sqlnet.crypto_checksum_types_client = (MD5)

根据 Oracle文档，可以通过旧的java.util.Properties将参数添加到OracleConnection来为瘦驱动程序设置加密.

但是，我找不到使用Spring dataSource.xml配置执行此操作的方法.
dataSource bean工作正常:

According to the Oracle Documentation, encryption can be set for thin driver, by adding the arguments to the OracleConnection via good old java.util.Properties.

However, I can not find a way doing this with my Spring dataSource.xml configuration.
The dataSource bean works fine:

<bean id="dataSource"
    class="oracle.jdbc.pool.OracleDataSource" destroy-method="close"> 
    <property name="URL" value="${datasource.url}" />
    <property name="user" value="${datasource.user}" />
    <property name="password" value="${datasource.password}" />
    <property name="connectionCachingEnabled" value="true"/>
</bean>

但是不幸的是，所需的属性无法理解，并带来了以下异常

But unfortunately the required properties aren't understood and bring the following Exception

Caused by: org.springframework.beans.NotWritablePropertyException: Invalid property 'encryption_client' of bean class [oracle.jdbc.pool.OracleDataSource]

<property name="encryption_client" value="${datasource.encryption_client}"/>
    <property name="encryption_types_client" value="${datasource.encryption_types_client}"/>
    <property name="crypto_checksum_client" value="${datasource.crypto_checksum_client}"/>
    <property name="crypto_checksum_types_client" value="${datasource.crypto_checksum_types_client}"/>

1. 在 Spring文档我看到只提到了少数几个属性.
2. 再次查看 Oracle文档中的示例，属性设置如下: OracleDataSource ods = new OracleDataSource();ods.setProperties(prop)
   ...但是 API 没有setProperties()方法.
   (https://docs.oracle.com/cd/E18283_01/appdev.112/e13995/oracle/jdbc/pool/OracleDataSource.html)

1. In the Spring documentation I see that there are only a handful attributes mentioned.
2. Looking again at the example in the Oracle Documentation, the properties are set like this OracleDataSource ods = new OracleDataSource();ods.setProperties(prop)
   ... but the API hasn't a setProperties() method.
   (https:// docs.oracle.com/cd/E18283_01/appdev.112/e13995/oracle/jdbc/pool/OracleDataSource.html)

我很困惑:(
任何帮助或提示都将受到高度赞赏.

I'm quite confused :(
Any help or hint is highly appreciated.

TL; TR
是否有将这些Oracle加密属性移交给Spring的解决方案?

TL;TR
Is there any solution for handing over these Oracle encryption properties to Spring?

推荐答案

Spring DataSource API中没有提供Oracle属性，因此您必须在初始化bean之后设置其他属性.您可以使用实现"beanpostprocessor"的类来完成此操作.另外，由于这是Spring，因此您需要获取当前dataSource的句柄以设置其他属性，而不会破坏bean的init.您不能在类原因中使用Autowire，否则PostProcessor将跳过该bean.因此，您必须浇铸豆.然后，您可以使用setConnectionProperties来初始化Oracle所需的参数，而不是在Spring bean中设置属性，该属性将不起作用并产生上述错误.

The Oracle properties are not given in the Spring DataSource API so you have to set the additional properties after the bean is inited. You can do this with a class that implements 'beanpostprocessor'. Also, since this is Spring you need to get a handle to the current dataSource to set the additional properties without blowing up the bean init. You cannot use Autowire in the class cause then the PostProcessor will skip that bean. So, you have to cast the bean. Then you can use setConnectionProperties to init the parameters required by Oracle rather than setting the properties in the Spring bean which will not work and gives the error described above.

此外，您还应该修复此主题的标题安全性->安全性.很抱歉，如果格式不对，因为我是刚开始发布答案的人.

Also you should fix the title of this topic Secuity-->Security. Sorry if the formatting is off as I am new to posting answers.

@Component
public class OracleConfigurer implements BeanPostProcessor {

@Override
public Object postProcessBeforeInitialization(Object bean, String name) throws BeansException {


final Logger LOG = LoggerFactory.getLogger(OracleConfigurer.class);
    if (bean instanceof DriverManagerDataSource) {
          Properties properties = ((DriverManagerDataSource) bean).getConnectionProperties();
          if (null == properties) properties = new Properties();
                properties.put("oracle.net.encryption_types_client", "(AES256)");
                properties.put("oracle.net.crypto_checksum_client", "REQUIRED");
                properties.put("oracle.net.encryption_client", "REQUIRED");
                DriverManagerDataSource dataSource = ((DriverManagerDataSource) bean);
                dataSource.setConnectionProperties(properties);
        }
        return bean;
    }

    @Override
    public Object postProcessAfterInitialization(Object bean, String name) throws
        BeansException {
        return bean;
    }
}

这篇关于具有Spring JDBC xml配置的Oracle Advanced Secuity加密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！