Spring reads the encrypted configuration information and spring reads the encrypted configuration.
Description & background
When the Spring framework configures database and other connection attributes, they are all read by the PopertyPlaceholderConfigurer. properties file, but if the project does not allow saving important connection information such as passwords in the configuration file in plain text, only the PopertyPlaceholderConfigurer can be inherited and the convertProperty (String propertyName, String propertyValue) method can be rewritten, this method is a rare design mode for passing parameters in java. Here, we can obtain the ciphertext that we need to decrypt and then send it to the spring component to connect to the database, avoiding plaintext storage. Therefore, we can save the encrypted information to the. Properties file and decrypt it before reading the file, so that we can save the information of unknown files. Here I will use AES to encrypt important information.
Procedure
1. Export the encryption tool File
Place the AES encryption file in the project tool class. If there are other encryption and decryption tools, use this AES encryption tool.
2. inherit from PropertyPlaceholderConfigurer
Package com. openeap. common. web; import org. springframework. beans. factory. config. propertyPlaceholderConfigurer; import com. openeap. common. utils. aes. AESEncryptor; public class EncryptPropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {private String [] encryptPropNames = {"jdbc. username "," jdbc. password "}; private String code =" gzxcxxxtgcyxgs01 "; @ Override protected String convertProperty (String propertyName, String propertyValue) {// if the attribute if (isEncryptProp (propertyName) {String decryptValue = ""; try {decryptValue = AESEncryptor is found in the encryption attribute list. decrypt (code, propertyValue);} catch (Exception e) {// TODO Auto-generated catch block e. printStackTrace ();}
System. out. println (decryptValue); return decryptValue = ""? PropertyValue: decryptValue;} else {return propertyValue;} private boolean isEncryptProp (String propertyName) {for (String encryptName: encryptPropNames) {if (encryptName. equals (propertyName) {return true ;}} return false ;}}
AES encryption also requires a code. Here we need a 16-bit or 16-bit key. When spring reads a field containing encryptPropNames, it will execute the convertProperty Method for decryption.
Note: The format saved in the. propertites file is
Jdbc. username = admin
Jdbc. password = 123456
3. Spring configuration file configuration
When spring loads the property configuration file
<bean class="com.openeap.common.web.EncryptPropertyPlaceholderConfigurer" > <property name="ignoreUnresolvablePlaceholders" value="true"></property> <property name="locations"> <list> <value>classpath*:/application.properties</value> </list> </property> </bean>
Replace the original
<context:property-placeholder ignore-unresolvable="true" location="classpath*:/application.properties" />
4. Calculate the encrypted information
In the AES encryption method, encrypt (String seek, String cleartext). For example, if the original value is aaa, the key is 1234567887654321, and the obtained password is N! Kk8dwLm0z7hlGkq2dbdQ =
Finally, the ciphertext information is refilled into the. properties file.
jdbc.username=N!Kk8dwLm0z7hlGkq2dbdQ==
So far, spring does not store important plaintext information in the configuration information.
If any error occurs, please correct it. Thank you very much!
========================= I am a splitting line ========================
AES encrypted file
Http://pan.baidu.com/s/1jH6bM3W
Please email me, cngdsch@163.com if it is invalid