Druid 資料庫密碼加密
阿新 • • 發佈:2021-07-14
DruidDruiver和DruidDataSource都支援PasswordCallback
Druid對密碼的加密解密是自動實現的。
1)對使用者名稱密碼加密
java -cp D:/druid-1.0.27.jar com.alibaba.druid.filter.config.ConfigTools root
java -cp D:/druid-1.0.27.jar com.alibaba.druid.filter.config.ConfigTools 123456
執行完成以後會分別生成加密的使用者密碼以及對應的公鑰和私鑰。
2)配置DruidConfig
import com.alibaba.druid.filter.config.ConfigTools;import com.alibaba.druid.pool.DruidDataSource; import com.alibaba.druid.support.http.StatViewServlet; import com.alibaba.druid.support.http.WebStatFilter; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.web.servlet.FilterRegistrationBean; importorg.springframework.boot.web.servlet.ServletRegistrationBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import javax.servlet.Filter; import javax.servlet.Servlet; import javax.sql.DataSource; import java.util.Collections; importjava.util.HashMap; import java.util.Map; /** * @author wuliang * @Date: 2020/12/14 下午8:16 * @Desc: Druid資料來源配置 */ @Configuration public class DruidConfig { private static String publicKey = "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJFM3pJymhYES9mQi3c23EIWuCZnCotO9NiyMaugiMY1FA6Kt4yIl9sszSklwldXWSTegCRkPCs4QePztcJWfb0CAwEAAQ=="; @ConfigurationProperties(prefix = "spring.datasource") @Bean public DataSource druidDataSource() { DruidDataSource druidDataSource = new DruidDataSource() { //資料庫密碼加密 @Override public void setPassword(String password) { try { password = ConfigTools.decrypt(publicKey, password); } catch (Exception e) { e.printStackTrace(); } super.setPassword(password); } }; // druidDataSource.setPasswordCallback(); // druidDataSource.setPasswordCallbackClassName(); // druidDataSource.setConnectionProperties("config.decrypt=true;config.decrypt.key=${jdbc.publickey}"); //配置字符集轉碼 druidDataSource.addConnectionProperty("serverEncoding", "ISO-8859-1"); druidDataSource.addConnectionProperty("clientEncoding", "GBK"); return druidDataSource; } @Bean public ServletRegistrationBean<Servlet> statViewServlet() { ServletRegistrationBean<Servlet> bean = new ServletRegistrationBean<>(new StatViewServlet(), "/druid/*"); // 這些引數可以在 com.alibaba.druid.support.http.StatViewServlet 的父類 com.alibaba.druid.support.http.ResourceServlet 中找到 Map<String, String> initParams = new HashMap<>(16); initParams.put("loginUsername", "admin"); initParams.put("loginPassword", "123456"); initParams.put("allow", ""); //預設就是允許所有訪問 //deny:Druid 後臺拒絕誰訪問,表示禁止此ip訪問 // initParams.put("deny","192.168.10.132"); bean.setInitParameters(initParams); return bean; } /** * 2、配置一個web監控的filter * http://localhost:8120/druid/login.html * * @return */ @Bean public FilterRegistrationBean<Filter> webStatFilter() { FilterRegistrationBean<Filter> bean = new FilterRegistrationBean<>(); bean.setFilter(new WebStatFilter()); Map<String, String> initParams = new HashMap<>(16); initParams.put("exclusions", "*.js,*.css,/druid/*"); bean.setInitParameters(initParams); bean.setUrlPatterns(Collections.singletonList("/*")); return bean; } }
3)配置檔案application.properties
server.port=8120 spring.application.name=ssm-api spring.profiles.active=dev spring.datasource.type=com.alibaba.druid.pool.DruidDataSource spring.datasource.driver-class-name=com.alibaba.druid.proxy.DruidDriver spring.datasource.url=jdbc:wrap-jdbc:filters=encoding:jdbc:oracle:thin:@192.168.192.254:1521:orcl spring.datasource.username=xtwy spring.datasource.password=X0EiFJKxEqgv3QUqX6OtngipMvPZPtPtImLKAheLosdbqsGYVy961IGeNcUM6zSM5NgX14mCJB3Ef+etv6kEIQ== #mybatis日誌 mybatis-plus.configuration.log-impl=org.apache.ibatis.logging.stdout.StdOutImpl