无法在配置文件中加密密码 [英] Cannot encrypt password in configuration file

问题描述

我无法在 hibernate.cfg.xml中加密数据库密码

这是我的财产文件。

 <！ - 数据库连接设置 - > 
< property name =connection.driver_class> com.microsoft.sqlserver.jdbc.SQLServerDriver< / property> 
< property name =connection.url> jdbc：sqlserver：// localhost：1433; databaseName = TEST;< / property> 
< property name =connection.username> sa< / property> 
<！ - 加密 - > 
< property name =connection.password> ENC（vMO / j5jfpaU2cUhPVoOk5Q ==）< / property> 
< property name =connection.provider_class> org.jasypt.hibernate4.connectionprovider.EncryptedPasswordDriverManagerConnectionProvider< / property> 
< property name =connection.encryptor_registered_name> hibernateEncryptor< / property> 
  

然后在 HiberanteUtil.java中我有这个

  //构建会话工厂。 
 private static SessionFactory configureSessionFactory（）
 throws HibernateException {
 
配置配置=新配置（）。 
 StandardPBEStringEncryptor encryptor = 
 new StandardPBEStringEncryptor（）; 
 encryptor.setPassword（pass）; 
 
 HibernatePBEEncryptorRegistry注册表= 
 HibernatePBEEncryptorRegistry.getInstance（）; 
 
 registry.registerPBEStringEncryptor（hibernateEncryptor，encryptor）; 
 
 ServiceRegistry serviceRegistry = new ServiceRegistryBuilder（）
 .applySettings（configuration.getProperties（））。buildServiceRegistry（）; 
 
 return configuration.buildSessionFactory（serviceRegistry）; 
} 
  

我已经使用加密创建了加密密码。蝙蝠。

然后我有错误是

com.microsoft.sqlserver.jdbc.SQLServerException：用户
'sa'登录失败。 ClientConnectionId：8033573f-5f52-4fe9-a728-fbe4f57d89c4

如果我删除此部分

  StandardPBEStringEncryptor encryptor = 
 new StandardPBEStringEncryptor（）; 
 encryptor.setPassword（someKey）; 
 HibernatePBEEncryptorRegistry注册表= 
 HibernatePBEEncryptorRegistry.getInstance（）; 
 
 registry.registerPBEStringEncryptor（
hibernateEncryptor，encryptor）; 
  

我有同样的错误，所以我认为它没有注册，但我不知道如何

这是我如何加密

更新

我可以做的唯一的事情就是这样做，但不是我的想法。

  StandardPBEStringEncryptor encryptor = 
 new StandardPBEStringEncryptor（）; 
 encryptor.setPassword（somePass）; 
 encryptor.setAlgorithm（PBEWITHMD5ANDDES）; 
 String pass = encryptor.decrypt（HhpmA / XmJoLro8TYYu4YyA ==）; 
 HibernatePBEEncryptorRegistry注册表= 
 HibernatePBEEncryptorRegistry.getInstance（）; 
 registry.registerPBEStringEncryptor（
hibernateEncryptor，encryptor）; 
 
配置配置=新配置（）。configure（）
 .setProperty（hibernate.connection.encryptor_registered_name，hibernateEncryptor）
 .setProperty（hibernate.connection。密码，通）; 
  

所以我认为问题是与hibernateEncryptor，我想我需要注册

 < typedef name =encryptedStringclass =org.jasypt.hibernate4 .type.EncryptedStringType> 
< param name =encryptorRegisteredName> hibernateEncryptor< / param> 
< typedef> 
  

但是当我把它放在 hibernate.cfg.xml 表示无效映射，所以我把它添加到一个注释类，但没有任何事情，因为我认为这是读数据库连接，这是我想要加密。 ：（

  @TypeDef（name =encryptedString，typeClass = org.jasypt.hibernate4.type.EncryptedStringType.class，
参数= {@Parameter（name =encryptorRegisteredName，value =hibernateEncryptor）}）
  

  StandardPBEStringEncryptor encryptor（解密方案） = new StandardPBEStringEncryptor（）; 
 encryptor.setPassword（somePass）; 
 encryptor.setAlgorithm（PBEWITHMD5ANDDES）; 
配置配置=新配置（）。configure（）; 
 String pass = encryptor.decrypt（configuration.getProperty（hibernate.connection.password））; 
 configuration.setProperty（hibernate.connection.password，pass）; 
  

而在 hibernate.cfg

 < property name =connection.username> sa< / property> 
< property name =connection.password> Nzuyhu5PJJwsVH3mdw ==& LT; /性> 
  

I'm having trouble encrypting the database password in hibernate.cfg.xml

This is my property file.

<!-- Database connection settings -->
<property name="connection.driver_class">com.microsoft.sqlserver.jdbc.SQLServerDriver</property>
<property name="connection.url">jdbc:sqlserver://localhost:1433;databaseName=TEST;</property>
<property name="connection.username">sa</property>
<!-- Encryption -->
<property name="connection.password">ENC(vMO/j5jfpaU2cUhPVoOk5Q==)</property>
<property name="connection.provider_class">org.jasypt.hibernate4.connectionprovider.EncryptedPasswordDriverManagerConnectionProvider</property>
<property name="connection.encryptor_registered_name">hibernateEncryptor</property>

Then in the HiberanteUtil.java I have this

// Builds session factory.
private static SessionFactory configureSessionFactory() 
    throws HibernateException {

  Configuration configuration = new Configuration().configure();
  StandardPBEStringEncryptor encryptor =
      new StandardPBEStringEncryptor();
  encryptor.setPassword("pass");

  HibernatePBEEncryptorRegistry registry =
      HibernatePBEEncryptorRegistry.getInstance();

  registry.registerPBEStringEncryptor("hibernateEncryptor", encryptor);

  ServiceRegistry serviceRegistry = new ServiceRegistryBuilder()
      .applySettings(configuration.getProperties()).buildServiceRegistry();

  return configuration.buildSessionFactory(serviceRegistry);
}

I've created the encrypted password with encrypt.bat.

Then the error i have is

com.microsoft.sqlserver.jdbc.SQLServerException: Login failed for user 'sa'. ClientConnectionId:8033573f-5f52-4fe9-a728-fbe4f57d89c4

If I remove this part

StandardPBEStringEncryptor encryptor =
        new StandardPBEStringEncryptor();
encryptor.setPassword("someKey");
HibernatePBEEncryptorRegistry registry =
        HibernatePBEEncryptorRegistry.getInstance();

registry.registerPBEStringEncryptor(
        "hibernateEncryptor", encryptor);

I have the same error, so I think it doesn't register but I have no idea how to do it.

This is how i encrypt

UPDATE

The only thing i can made to get it work is something like this, but is not the way i think.

StandardPBEStringEncryptor encryptor =
                new StandardPBEStringEncryptor();
        encryptor.setPassword("somePass");
        encryptor.setAlgorithm("PBEWITHMD5ANDDES");
        String pass=encryptor.decrypt("HhpmA/XmJoLro8TYYu4YyA==");
        HibernatePBEEncryptorRegistry registry =
                HibernatePBEEncryptorRegistry.getInstance();
        registry.registerPBEStringEncryptor(
                "hibernateEncryptor", encryptor);

        Configuration configuration = new Configuration().configure()
                .setProperty("hibernate.connection.encryptor_registered_name","hibernateEncryptor")
                .setProperty("hibernate.connection.password",pass);

So i think the problem is with the "hibernateEncryptor", i think i need to register

  <typedef name="encryptedString" class="org.jasypt.hibernate4.type.EncryptedStringType">
   <param name="encryptorRegisteredName">hibernateEncryptor</param>
  <typedef>

But when i put it in hibernate.cfg.xml says invalid mapping, so i add it to a class with annotation but nothing happen cause i think this is read after database connection that is what i want to encrypt. :(

@TypeDef(name="encryptedString",typeClass=org.jasypt.hibernate4.type.EncryptedStringType.class,
        parameters= {@Parameter(name="encryptorRegisteredName",value="hibernateEncryptor")})

解决方案

This is not the proper way to do it but solves.

StandardPBEStringEncryptor encryptor =new StandardPBEStringEncryptor();
encryptor.setPassword("somePass");
encryptor.setAlgorithm("PBEWITHMD5ANDDES");
Configuration configuration = new Configuration().configure();
String pass=encryptor.decrypt(configuration.getProperty("hibernate.connection.password"));
configuration.setProperty("hibernate.connection.password",pass);   

And in hibernate.cfg

    <property name="connection.username">sa</property>
    <property name="connection.password">Nzuyhu5PJJwsVH3mdw==</property>

这篇关于无法在配置文件中加密密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！