Spring reads the encrypted configuration information and spring reads the encrypted configuration.

Source: Internet
Author: User

Spring reads the encrypted configuration information and spring reads the encrypted configuration.

Description & background
When the Spring framework configures database and other connection attributes, they are all read by the PopertyPlaceholderConfigurer. properties file, but if the project does not allow saving important connection information such as passwords in the configuration file in plain text, only the PopertyPlaceholderConfigurer can be inherited and the convertProperty (String propertyName, String propertyValue) method can be rewritten, this method is a rare design mode for passing parameters in java. Here, we can obtain the ciphertext that we need to decrypt and then send it to the spring component to connect to the database, avoiding plaintext storage. Therefore, we can save the encrypted information to the. Properties file and decrypt it before reading the file, so that we can save the information of unknown files. Here I will use AES to encrypt important information.
Procedure
1. Export the encryption tool File
Place the AES encryption file in the project tool class. If there are other encryption and decryption tools, use this AES encryption tool.
2. inherit from PropertyPlaceholderConfigurer

Package com. openeap. common. web; import org. springframework. beans. factory. config. propertyPlaceholderConfigurer; import com. openeap. common. utils. aes. AESEncryptor; public class EncryptPropertyPlaceholderConfigurer extends PropertyPlaceholderConfigurer {private String [] encryptPropNames = {"jdbc. username "," jdbc. password "}; private String code =" gzxcxxxtgcyxgs01 "; @ Override protected String convertProperty (String propertyName, String propertyValue) {// if the attribute if (isEncryptProp (propertyName) {String decryptValue = ""; try {decryptValue = AESEncryptor is found in the encryption attribute list. decrypt (code, propertyValue);} catch (Exception e) {// TODO Auto-generated catch block e. printStackTrace ();}
System. out. println (decryptValue); return decryptValue = ""? PropertyValue: decryptValue;} else {return propertyValue;} private boolean isEncryptProp (String propertyName) {for (String encryptName: encryptPropNames) {if (encryptName. equals (propertyName) {return true ;}} return false ;}}

 

AES encryption also requires a code. Here we need a 16-bit or 16-bit key. When spring reads a field containing encryptPropNames, it will execute the convertProperty Method for decryption.
Note: The format saved in the. propertites file is
Jdbc. username = admin
Jdbc. password = 123456

3. Spring configuration file configuration
When spring loads the property configuration file

<bean class="com.openeap.common.web.EncryptPropertyPlaceholderConfigurer"  >         <property name="ignoreUnresolvablePlaceholders" value="true"></property>        <property name="locations">               <list>                   <value>classpath*:/application.properties</value>               </list>           </property>      </bean>

Replace the original

<context:property-placeholder ignore-unresolvable="true" location="classpath*:/application.properties" />

 

4. Calculate the encrypted information
In the AES encryption method, encrypt (String seek, String cleartext). For example, if the original value is aaa, the key is 1234567887654321, and the obtained password is N! Kk8dwLm0z7hlGkq2dbdQ =

Finally, the ciphertext information is refilled into the. properties file.

jdbc.username=N!Kk8dwLm0z7hlGkq2dbdQ==

So far, spring does not store important plaintext information in the configuration information.

If any error occurs, please correct it. Thank you very much!

========================= I am a splitting line ========================

AES encrypted file

Http://pan.baidu.com/s/1jH6bM3W

Please email me, cngdsch@163.com if it is invalid

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.