Spring读取加密属性文件处理--待整理
引言:Spring框架俨然已经是目前Java WEB项目开发的一个宠儿,更有人将Spring, Struts,和Hibernage称之为Java WEB项目开发的3件利器。Spring的依赖、注入、AOP及和其它框架的很好集成(如:hibername、ibatis、struts等)确实给web项目开发带来了诸多便利性,但是任何一种框架都不能完全满足个性化需求开发,spring亦是如此。现有一个项目是基于spring、struts和ibtatis的,其中数据库连接池使用的是proxool,领导要求将proxool连接池配置文件进行加密,这里有2种解决方法:
1) 扩展ProxoolDataSource,重写getNewConnection方法,对其置相关数据库配置属性时进行解密处理;
2) 扩展Spring读取属性文件文件的类PropertyPlaceholderConfigurer
1、 扩展ProxoolDataSource
package *.*;
import java.io.InputStream; import java.sql.Connection; import java.sql.SQLException; import java.util.Properties;
import org.logicalcobwebs.proxool.ProxoolDataSource;
public class ProxoolDataSourceEX extends ProxoolDataSource { private Logger errorLog = CommonLogger.getErrorLog(ProxoolDataSourceEX.class); private static Properties proxoolProperties = null; private static ProxoolDataSource dataSource = null; // public synchronized Connection getConnection() { try { if (dataSource != null) return super.getConnection(); else return getNewConnection(); } catch (SQLException e) { // errorLog.error("…….", e); } return null; }
private synchronized Connection getNewConnection() { if(proxoolProperties==null){ InputStream is = Thread.currentThread().getContextClassLoader(). getResourceAsStream("proxool.properties"); proxoolProperties = new Properties(); try{ proxoolProperties.load(is); }catch(Exception e){ e.printStackTrace(); } } //属性值的解密(调用相应解密算法,解密) //解密后的属性值置入 this.setDriver(driver); this.setDriverUrl(url); … try { return super.getConnection(); } catch (SQLException e) { errorLog.error("…", e); } return null; } } |
2、 扩展Spring读取属性文件文件的类PropertyPlaceholderConfigurer
1) spring datasource配置
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> <beans> <!-- ======================================================================== --> <!-- DataSource定义。 --> <!-- ======================================================================== --> <bean id="DBConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"> <property name="locations"> <list> <value>classpath:proxool.properties</value> </list> </property> </bean>
<bean id="dataSource" class="org.logicalcobwebs.proxool.ProxoolDataSource"> <property name="driver"> <value>${dev_proxool_driver_class}</value> </property> <property name="driverUrl"> <value>${dev_proxool_driver_url}</value> </property> <property name="user"> <value>${dev_proxool_user}</value> </property> <property name="password"> <value>${dev_proxool_password}</value> </property> <property name="alias"> <value>${dev_proxool_alias}</value> </property> … </bean> … </beans> |
2) 扩展PropertyPlaceholderConfigurer,对其方法resolvePlaceholder进行重写。
package *.*;
import java.util.Properties;
import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
public class PropertyPlaceholderConfigurerEX extends PropertyPlaceholderConfigurer{ private boolean secutiry = false; private Log logger = LogFactory.getLog(PropertyPlaceholderConfigurerEX.class); // protected String resolvePlaceholder(String placeholder, Properties props) { String placeholderValue = props.getProperty(placeholder); if(this.secutiry){ placeholderValue = deEncrypt(placeholderValue); } return placeholderValue; } // public boolean isSecutiry() { return secutiry; } public void setSecutiry(boolean secutiry) { this.secutiry = secutiry; }
private String deEncrypt(String miwen){ return 解密后的字串; } } |
3) 修改上述的datasource配置
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> <beans> <!-- ======================================================================== --> <!-- DataSource定义。 --> <!-- ======================================================================== --> <bean id="DBConfigurer" class="*.*.PropertyPlaceholderConfigurerEX"> <property name="locations"> <list> <value>classpath:proxool.properties</value> </list> </property> <!—security为false,则对属性文件的属性值不进行解密处理,为true,则进行解密--> <property name="secutiry"> <value>false</value> </property> <!—扩展PropertyPlaceholderConfigurerEX,最好使用解密算法也可在此处配置--> </bean> 同1)datasource配置 |