tomcat数据源密码加密

原创已于 2022-07-07 14:25:46 修改 · 2.9k 阅读

3 ·

本内容遵循CC 4.0 BY-SA版权协议

标签

#tomcat数据源加密

于 2021-07-07 17:12:28 首次发布

踩过的坑专栏收录该内容

48 篇文章

订阅专栏

本文介绍了如何在Tomcat的server.xml配置文件中为数据源添加资源节点<Resource>，并探讨了使用自定义工厂类如MyBasicDataSourceFactory进行加密的方法，该工厂类可以扩展Apache Commons DBCP的BasicDataSourceFactory或Tomcat自身的BasicDataSourceFactory。

tomcat/conf/server.xml在<Context>节点下新增<Resource>节点

<Resource
    name="orcl"
    auth="Container"
    type="javax.sql.DataSource"
    username="runqian"password="\u0072\u0075\u006e\u0071\u0069\u0061\u006e"
    driverClassName="oracle.jdbc.driver.OracleDriver"
    url="jdbc:oracle:thin:@localhost:1521:orcl"
    maxActive="100"
    maxIdle="30"
    maxWait="100"
    factory="com.test.MyBasicDataSourceFactory"
    />

其中factory属性值用

MyBasicDataSourceFactory extends org.apache.commons.dbcp.BasicDataSourceFactory
或者
MyBasicDataSourceFactory extends org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory

MyBasicDataSourceFactory extends org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory
重写
package net.uni.ap.jdbc;
import java.util.Enumeration;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.Name;
import javax.naming.RefAddr;
import javax.naming.Reference;
import javax.naming.StringRefAddr;
import org.apache.commons.dbcp.BasicDataSourceFactory;
import com.utils.Util;
/**
* @author
*/
public class MyBasicDataSourceFactory extends BasicDataSourceFactory {
    public Object getObjectInstance(Object obj, Name name, Context nameCtx,
    Hashtable environment) throws Exception {
        if (obj instanceof Reference) {
            setUsername((Reference) obj);
            setPassword((Reference) obj);
        }
        return super.getObjectInstance(obj, name, nameCtx, environment);
    }
    private void setUsername(Reference ref) throws Exception {
        findDecryptAndReplace("username", ref);
    }
    private void setPassword(Reference ref) throws Exception {
        findDecryptAndReplace("password", ref);
    }
    private void findDecryptAndReplace(String refType, Reference ref)
     throws Exception {
         int idx = find(refType, ref);
         String decrypted = decrypt(idx, ref);
         replace(idx, refType, decrypted, ref);
    }
    private void replace(int idx, String refType, String newValue, Reference ref)
     throws Exception {
         ref.remove(idx);
         ref.add(idx, new StringRefAddr(refType, newValue));
    }
    //解密，用户名和密码用什么加密的，这里就用同样的方式解密
    private String decrypt(int idx, Reference ref) throws Exception {
        return Util.decryptByTea(ref.get(idx).getContent().toString());
    }
    //加密    
    private String encrypt(int idx, Reference ref) throws Exception {
        String content = ref.get(isx).getContent().toString();
        return Util.encrypt(content);
    }
    private int find(String addrType, Reference ref) throws Exception {
         Enumeration enu = ref.getAll();
         for (int i = 0; enu.hasMoreElements(); i++) {
             RefAddr addr = (RefAddr) enu.nextElement();
             if (addr.getType().compareTo(addrType) == 0) {
                return i;
             }
         }
         throw new Exception("The \"" + addrType
            + "\" name/value pair was not found"
            + " in the Reference object. The reference Object is" + " "
            + ref.toString());
    }
    
    public static DataSource createDataSource(Properties properties){
        String username = properties.getProperty("username");
        username = TeaUtil.decrypt(username);
        properties.setProperty("username",username);

        String password = properties.getProperty("password");
        password = TeaUtil.decrypt(password);
        properties.setProperty("password",password);

        return BasicDataSourceFactory.createDataSource(properties);
    }
}