Druid 数据库密码加密
DruidDruiver和DruidDataSource都支持PasswordCallback
Druid对密码的加密解密是自动实现的。
1)对用户名密码加密
java -cp D:/druid-1.0.27.jar com.alibaba.druid.filter.config.ConfigTools root
java -cp D:/druid-1.0.27.jar com.alibaba.druid.filter.config.ConfigTools 123456
执行完成以后会分别生成加密的用户密码以及对应的公钥和私钥。
2)配置DruidConfig
import com.alibaba.druid.filter.config.ConfigTools; import com.alibaba.druid.pool.DruidDataSource; import com.alibaba.druid.support.http.StatViewServlet; import com.alibaba.druid.support.http.WebStatFilter; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.boot.web.servlet.ServletRegistrationBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import javax.servlet.Filter; import javax.servlet.Servlet; import javax.sql.DataSource; import java.util.Collections; import java.util.HashMap; import java.util.Map; /** * @author wuliang * @Date: 2020/12/14 下午8:16 * @Desc: Druid数据源配置 */ @Configuration public class DruidConfig { private static String publicKey = "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJFM3pJymhYES9mQi3c23EIWuCZnCotO9NiyMaugiMY1FA6Kt4yIl9sszSklwldXWSTegCRkPCs4QePztcJWfb0CAwEAAQ=="; @ConfigurationProperties(prefix = "spring.datasource") @Bean public DataSource druidDataSource() { DruidDataSource druidDataSource = new DruidDataSource() { //数据库密码加密 @Override public void setPassword(String password) { try { password = ConfigTools.decrypt(publicKey, password); } catch (Exception e) { e.printStackTrace(); } super.setPassword(password); } }; // druidDataSource.setPasswordCallback(); // druidDataSource.setPasswordCallbackClassName(); // druidDataSource.setConnectionProperties("config.decrypt=true;config.decrypt.key=${jdbc.publickey}"); //配置字符集转码 druidDataSource.addConnectionProperty("serverEncoding", "ISO-8859-1"); druidDataSource.addConnectionProperty("clientEncoding", "GBK"); return druidDataSource; } @Bean public ServletRegistrationBean<Servlet> statViewServlet() { ServletRegistrationBean<Servlet> bean = new ServletRegistrationBean<>(new StatViewServlet(), "/druid/*"); // 这些参数可以在 com.alibaba.druid.support.http.StatViewServlet 的父类 com.alibaba.druid.support.http.ResourceServlet 中找到 Map<String, String> initParams = new HashMap<>(16); initParams.put("loginUsername", "admin"); initParams.put("loginPassword", "123456"); initParams.put("allow", ""); //默认就是允许所有访问 //deny:Druid 后台拒绝谁访问,表示禁止此ip访问 // initParams.put("deny","192.168.10.132"); bean.setInitParameters(initParams); return bean; } /** * 2、配置一个web监控的filter * http://localhost:8120/druid/login.html * * @return */ @Bean public FilterRegistrationBean<Filter> webStatFilter() { FilterRegistrationBean<Filter> bean = new FilterRegistrationBean<>(); bean.setFilter(new WebStatFilter()); Map<String, String> initParams = new HashMap<>(16); initParams.put("exclusions", "*.js,*.css,/druid/*"); bean.setInitParameters(initParams); bean.setUrlPatterns(Collections.singletonList("/*")); return bean; } }
3)配置文件application.properties
server.port=8120 spring.application.name=ssm-api spring.profiles.active=dev spring.datasource.type=com.alibaba.druid.pool.DruidDataSource spring.datasource.driver-class-name=com.alibaba.druid.proxy.DruidDriver spring.datasource.url=jdbc:wrap-jdbc:filters=encoding:jdbc:oracle:thin:@192.168.192.254:1521:orcl spring.datasource.username=xtwy spring.datasource.password=X0EiFJKxEqgv3QUqX6OtngipMvPZPtPtImLKAheLosdbqsGYVy961IGeNcUM6zSM5NgX14mCJB3Ef+etv6kEIQ== #mybatis日志 mybatis-plus.configuration.log-impl=org.apache.ibatis.logging.stdout.StdOutImpl
