MyBatis 配置文件 用户密码加密存储
properties配置文件
一般是使用properties保存配置文件内容,然后在mybatis配置文件中进行读取
在resource文件下新建db.properties文件
内容如下
# 数据库配置文件 driver = com.mysql.cj.jdbc.Driver url = jdbc:mysql:// /mybatis username = password =
然后,接着把文件放入源码包中
配置mybatis-config.xml文件
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE configuration PUBLIC "-//mybatis.org//DTD Config 3.0//EN" "http://mybatis.org/dtd/mybatis-3-config.dtd"> <configuration> <!-- 读取数据库配置文件 --> <properties resource="db.properties"/> <!-- 定义别名 --> <typeAliases> <typeAlias type="com.ming.Role" alias="role"/> </typeAliases> <!-- 自定义数据处理 --> <typeHandlers> <typeHandler handler="org.apache.ibatis.type.EnumOrdinalTypeHandler" javaType="com.ming.Sex"/> </typeHandlers> <!-- 定义数据库信息 --> <environments default="development"> <environment id="development"> <!-- jdbc事物管理 --> <transactionManager type="JDBC"/> <!-- 数据库链接信息 --> <dataSource type="POOLED"> <property name="driver" value="${driver}"/> <property name="url" value="${url}"/> <property name="username" value="${username}"/> <property name="password" value="${password}"/> </dataSource> </environment> </environments> <mappers> <mapper resource="RoleMapper.xml"/> </mappers> </configuration>
目录结构如下
数据库密码加密
生产环境的数据库密码都为加密密码,需要在使用的时候,把加密密码解密成为明文
先创建数据库密码类
package com.ming.Util; import javax.crypto.*; import javax.crypto.spec.SecretKeySpec; import java.io.UnsupportedEncodingException; import java.security.*; import java.util.Base64; public class Decode { /** * 生成秘钥 * @param * @return */ public static String generateDecode() throws UnsupportedEncodingException { KeyGenerator keyGen = null;//密钥生成器 try { keyGen = KeyGenerator.getInstance("DES"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } keyGen.init(56);//初始化密钥生成器 SecretKey secretKey = keyGen.generateKey();//生成密钥 byte[] key = secretKey.getEncoded();//密钥字节数组 // 进行base64编码 String encodedKey = Base64.getEncoder().encodeToString(key); return encodedKey; } /** * 进行加密 * @param string * @param key * @return */ public static String encryptionDecode(String string, String key){ //System.out.println(System.getenv("KEYWORDES")); SecretKey secretKey = new SecretKeySpec(Base64.getDecoder().decode(key), "DES");//恢复密钥 Cipher cipher = null;//Cipher完成加密或解密工作类 try { cipher = Cipher.getInstance("DES"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); } try { cipher.init(Cipher.ENCRYPT_MODE, secretKey);//对Cipher初始化,加密模式 } catch (InvalidKeyException e) { e.printStackTrace(); } byte[] cipherByte = null; try { cipherByte = cipher.doFinal(Base64.getDecoder().decode(string));//加密data } catch (IllegalBlockSizeException e) { e.printStackTrace(); } catch (BadPaddingException e) { e.printStackTrace(); } return Base64.getEncoder().encodeToString(cipherByte); } public static String decryptDecode(String string, String key){ SecretKey secretKey = new SecretKeySpec(Base64.getDecoder().decode(key), "DES");//恢复密钥 Cipher cipher = null;//Cipher完成加密或解密工作类 try { cipher = Cipher.getInstance("DES"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); } try { cipher.init(Cipher.DECRYPT_MODE, secretKey);//对Cipher初始化,解密模式 } catch (InvalidKeyException e) { e.printStackTrace(); } byte[] cipherByte = new byte[0];//解密data try { cipherByte = cipher.doFinal(Base64.getDecoder().decode(string)); } catch (IllegalBlockSizeException e) { e.printStackTrace(); } catch (BadPaddingException e) { e.printStackTrace(); } return Base64.getEncoder().encodeToString(cipherByte); } }
该类有三个方法,为加密data,解密data,生成key
然后编辑操作系统环境变量
达到输入
➜ ~ echo $KEYWORDES
可以输出环境变量
接着再次修改SqlSessionFactoryUtil类
package com.ming.Util; import org.apache.ibatis.io.Resources; import org.apache.ibatis.session.SqlSession; import org.apache.ibatis.session.SqlSessionFactory; import org.apache.ibatis.session.SqlSessionFactoryBuilder; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.io.Reader; import java.util.Properties; /** * @author ming * 构建SqlSessionFactory * 由于数据库连接是宝贵的,需要对数据库连接统一管理,所以使用单例进行管理 * 这里的单利使用的双重锁 * SqlSessionFactory为线程不安全类型需要加锁,确保同一时刻,只有一个线程可以使用该对象 */ public class SqlSessionFactoryUtil { /** * SqlSessionFactory对象 */ private static SqlSessionFactory sqlSessionFactory = null; /** * 类线程锁 */ private static final Class CLASS_LOCK = SqlSessionFactoryUtil.class; /** * 日志管理类 */ private static final Logger logger = LogManager.getLogger(); /** * 单例 */ private SqlSessionFactoryUtil(){ } /** * @return SqlSessionFactory * 初始化SqlSessionFactory对象 */ public static SqlSessionFactory initSqlSessionFactory(){ // 获得输入流 InputStream cfgStream = null; // 阅读流 Reader cfgReader = null; InputStream proStream = null; Reader proReader = null; // 持久化属性集 Properties properties = null; try{ // 配置文件流 cfgStream = Resources.getResourceAsStream("mybatis-config.xml"); // 获得阅读流 cfgReader = new InputStreamReader(cfgStream); // 读入属性文件 proStream = Resources.getResourceAsStream("db.properties"); proReader = new InputStreamReader(proStream); // 持久化属性集 properties = new Properties(); // 流转载进入属性集合 properties.load(proReader); }catch (Exception e){ logger.error(e); } if(sqlSessionFactory == null){ synchronized (CLASS_LOCK){ sqlSessionFactory = new SqlSessionFactoryBuilder().build(cfgReader, properties); } } return sqlSessionFactory; } /** * 打开SqlSession * @return SqlSession */ public static SqlSession openSqlSesion(){ // 判空处理 if(sqlSessionFactory == null){ initSqlSessionFactory(); } return sqlSessionFactory.openSession(); } }
接着,再次对密码进行加密,在读取的时候,对阅读流的结果集进行持久化设置
先对db.properties数据库密码进行加密
更改以后配置文件如下
# 数据库配置文件 driver = com.mysql.cj.jdbc.Driver url = jdbc:mysql://47.94.95.84:32786/mybatis username = mybatis password = 8GgwaJCtTXLGItiYF9c4mg==
接着再次更改Util类
package com.ming.Util; import org.apache.ibatis.io.Resources; import org.apache.ibatis.session.SqlSession; import org.apache.ibatis.session.SqlSessionFactory; import org.apache.ibatis.session.SqlSessionFactoryBuilder; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import java.io.InputStream; import java.io.InputStreamReader; import java.io.Reader; import java.util.Properties; /** * @author ming * 构建SqlSessionFactory * 由于数据库连接是宝贵的,需要对数据库连接统一管理,所以使用单例进行管理 * 这里的单利使用的双重锁 * SqlSessionFactory为线程不安全类型需要加锁,确保同一时刻,只有一个线程可以使用该对象 */ public class SqlSessionFactoryUtil { /** * SqlSessionFactory对象 */ private static SqlSessionFactory sqlSessionFactory = null; /** * 类线程锁 */ private static final Class CLASS_LOCK = SqlSessionFactoryUtil.class; /** * 日志管理类 */ private static final Logger logger = LogManager.getLogger(); /** * 单例 */ private SqlSessionFactoryUtil(){ } /** * @return SqlSessionFactory * 初始化SqlSessionFactory对象 */ public static SqlSessionFactory initSqlSessionFactory(){ // 获得输入流 InputStream cfgStream = null; // 阅读流 Reader cfgReader = null; InputStream proStream = null; Reader proReader = null; // 持久化属性集 Properties properties = null; try{ // 配置文件流 cfgStream = Resources.getResourceAsStream("mybatis-config.xml"); // 获得阅读流 cfgReader = new InputStreamReader(cfgStream); // 读入属性文件 proStream = Resources.getResourceAsStream("db.properties"); proReader = new InputStreamReader(proStream); // 持久化属性集 properties = new Properties(); // 流装载进入属性集合 properties.load(proReader); // 获取当前系统ENV String key = System.getenv("KEYWORDES"); // 进行解密 properties.setProperty("password", Decode.decryptDecode(properties.getProperty("password"), key)); }catch (Exception e){ logger.error(e); } if(sqlSessionFactory == null){ synchronized (CLASS_LOCK){ sqlSessionFactory = new SqlSessionFactoryBuilder().build(cfgReader, properties); } } return sqlSessionFactory; } /** * 打开SqlSession * @return SqlSession */ public static SqlSession openSqlSesion(){ // 判空处理 if(sqlSessionFactory == null){ initSqlSessionFactory(); } return sqlSessionFactory.openSession(); } }
书写单元测试
package com.ming.Util; import org.junit.Test; import static org.junit.Assert.*; public class SqlSessionFactoryUtilTest { @Test public void initSqlSessionFactory() { } @Test public void openSqlSesion() { SqlSessionFactoryUtil.openSqlSesion(); } }
目前的目录结构
此时执行单元测试,可以发现单元测试已经通过
控制台打印出log信息
2019-04-11 17:17:37.357 [DEBUG] org.apache.ibatis.logging.LogFactory.setImplementation(LogFactory.java:105) - Logging initialized using 'class org.apache.ibatis.logging.log4j2.Log4j2Impl' adapter. 2019-04-11 17:17:37.403 [DEBUG] org.apache.ibatis.datasource.pooled.PooledDataSource.forceCloseAll(PooledDataSource.java:334) - PooledDataSource forcefully closed/removed all connections. 2019-04-11 17:17:37.403 [DEBUG] org.apache.ibatis.datasource.pooled.PooledDataSource.forceCloseAll(PooledDataSource.java:334) - PooledDataSource forcefully closed/removed all connections. 2019-04-11 17:17:37.404 [DEBUG] org.apache.ibatis.datasource.pooled.PooledDataSource.forceCloseAll(PooledDataSource.java:334) - PooledDataSource forcefully closed/removed all connections. 2019-04-11 17:17:37.404 [DEBUG] org.apache.ibatis.datasource.pooled.PooledDataSource.forceCloseAll(PooledDataSource.java:334) - PooledDataSource forcefully closed/removed all connections. Process finished with exit code 0
发现错误,修改加密类
package com.ming.Util; import javax.crypto.*; import javax.crypto.spec.SecretKeySpec; import java.io.UnsupportedEncodingException; import java.security.*; import java.util.Base64; public class Decode { /** * 生成秘钥 * @param * @return */ public static String generateDecode() throws UnsupportedEncodingException { KeyGenerator keyGen = null;//密钥生成器 try { keyGen = KeyGenerator.getInstance("DES"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } keyGen.init(56);//初始化密钥生成器 SecretKey secretKey = keyGen.generateKey();//生成密钥 byte[] key = secretKey.getEncoded();//密钥字节数组 // 进行base64编码 String encodedKey = Base64.getEncoder().encodeToString(key); return encodedKey; } /** * 进行加密 * @param string * @param key * @return */ public static String encryptionDecode(String string, String key){ SecretKey secretKey = new SecretKeySpec(Base64.getDecoder().decode(key), "DES");//恢复密钥 Cipher cipher = null;//Cipher完成加密或解密工作类 try { cipher = Cipher.getInstance("DES"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); } try { cipher.init(Cipher.ENCRYPT_MODE, secretKey);//对Cipher初始化,加密模式 } catch (InvalidKeyException e) { e.printStackTrace(); } byte[] cipherByte = null; try { cipherByte = cipher.doFinal(string.getBytes());//加密data } catch (IllegalBlockSizeException e) { e.printStackTrace(); } catch (BadPaddingException e) { e.printStackTrace(); } return Base64.getEncoder().encodeToString(cipherByte); } /** * 进行解密 * @param string * @param key * @return */ public static String decryptDecode(String string, String key){ SecretKey secretKey = new SecretKeySpec(Base64.getDecoder().decode(key), "DES");//恢复密钥 Cipher cipher = null;//Cipher完成加密或解密工作类 try { cipher = Cipher.getInstance("DES"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); } try { cipher.init(Cipher.DECRYPT_MODE, secretKey);//对Cipher初始化,解密模式 } catch (InvalidKeyException e) { e.printStackTrace(); } byte[] cipherByte = new byte[0];//解密data try { cipherByte = cipher.doFinal(Base64.getDecoder().decode(string)); } catch (IllegalBlockSizeException e) { e.printStackTrace(); } catch (BadPaddingException e) { e.printStackTrace(); } return new String(cipherByte); } }
再次运行,可以发现已经成功执行sql语句
相关推荐
xiuyangsong 2020-11-16
Nishinoshou 2020-11-09
jimgreatly 2020-09-01
dongxurr 2020-08-18
Dullonjiang 2020-08-15
Dullonjiang 2020-08-11
Dullonjiang 2020-08-09
dongxurr 2020-08-08
yunzhonmghe 2020-08-07
jimgreatly 2020-08-03
Dullonjiang 2020-07-30
jimgreatly 2020-07-27
liqiancao 2020-07-26
xiuyangsong 2020-07-26
dongxurr 2020-07-26
mcvsyy 2020-07-26
helloxusir 2020-07-25
牧场SZShepherd 2020-07-20