Configuring Cndi Data sources and database password encryption

Free to feel that some of the things that have been used for some time will be forgotten, so began to think about the post, the first post, if there are problems please correct me.

1, first configure the data source inside the Application.xml

<bean id= "DataSource" class= "Org.springframework.jndi.JndiObjectFactoryBean" > <property name= "Jndiname" > <value>java:comp/env/jdbc/userDataSource</value> </property> </bean>

2, configure Web. XML, when the initial configuration, because there is no configuration of Web. XML caused by the connection is not up, followed by some data to find that Web. XML also needs to be configured.

<resource-ref> <description>my DB connection</description> <res-ref-name>jdbc/userdatasour Ce</res-ref-name> <res-type>javax.sql.DataSource</res-type> <res-auth>container</ Res-auth> </resource-ref>

3. Open the Conf in the Tomcat directory and locate the context.xml to configure the database connection

<resource name= "Jdbc/userdatasource"       auth= "Container"     type= "Javax.sql.DataSource"                        driverclassname= "Com.mysql.jdbc.Driver"                    url= " Jdbc:mysql://ip/mydatadasename "                 username= "root"    password= "password"                 maxidle= "       "             maxwait= "4000"                  maxactive= "   "       &Nbsp;      removeabandoned= "true"                 removeabandonedtimeout= "     "           logabandoned= "true"                 factory= " Org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory " />

Now Jndi should be able to connect to the database.

Note: If you modify the database connection inside the context, causing the connection to start the project or the previous database address, remove the tomcat from the servers below, and then re-join to OK.

The above is just a simple connection to the database with Jndi.

Now say how to encrypt the database password. In fact, it's simple, the database connection configuration in Tomcat finally points to

Org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory

This connection, the anti-compilation look, the discovery is in this to get the user name password and other parameters, so we in here to move the hands and feet on the OK. Source:

Value = Properties.getproperty ("password");    if (value = null) {Datasource.setpassword (value);    } value = Properties.getproperty ("url");    if (value = null) {Datasource.seturl (value);    } value = Properties.getproperty ("username");    if (value = null) {datasource.setusername (value); }

I'm renaming this basicdatasourcefactory file. Rewrite the code after the change.

 value = properties.getproperty ("password");    if  (value !=  null)  {      datasource.setpassword (decode (value))  //decryption Operation    }  //custom decryption method, which refers to the Aesencrypt digital signature encrypted file, config.properties inside the key is configured  private static  string decode (String password)  throws exception {    byte[]  bas = aesencrypt.parsehexstr2byte (password);     inputstream is =  new fileinputstream ("/opt/config/config.properties");     properties prop  = new properties ();     prop.load (IS);    string  Key = prop.getproperty ("key");     is.close ();     byte[]  decr = aesencrypt.decrypt (Bas, key);     return new string ( DECR);   }

And then the factory connection points to the new file.

factory= "Org.apache.tomcat.dbcp.dbcp.DecodeBasicDataSourceFactory"

Rewrite write a class, is the file easy to switch, if not encrypted directly point to basicdatasourcefactory on the line.

This article is from the "thick Product Thin Hair" blog, please make sure to keep this source http://564029287.blog.51cto.com/4516433/1584425

Configuring Cndi Data sources and database password encryption