Springmvc using implicit JDBC connection information

In a local test environment, if we build the project using SPRINGMVC, the database's "user name, password, and connection address" are written directly in the configuration file. And once the project is built in the running environment of the server, the "User name, password, connection address" connection information to make the necessary hidden, so more secure, then how to do the implicit JDBC connection information?

A feasible scheme of implicit JDBC connection information

SPRINGMVC when building JDBC connection information, the following information is typically provided in the "Applicationcontext.xml" file for the jdbcconnection of the project.

<!--Introducing the JDBC configuration file --<Bean class=" Org.springframework.beans.factory.config.PropertyPlaceholderConfigurer ">    < property name="Locations">        <value>File:c:/properties/hcmanage.properties</value>    </Property ></Bean><bean id= "dataSource" class=" Org.apache.commons.dbcp.BasicDataSource " destroy-method=" Close ">    < property name="Driverclassname" value="${driver}" ></Property >    < property name="url" value="${url}?useunicode=true&amp; characterencoding=utf8&amp; " ></Property >    < property name="username" value="${username}"> </Property >    < property name="password" value="${password}"></Property >    < property name="Testonborrow" value="true" />    < property name="Validationquery">        <value>Select 1 from DUAL</value>    </Property ></Bean>

Then we configure the "user name, password, connection address" in clear text in the Hcmanage.properties file.

driver=com.mysql.jdbc.Driverurl=jdbc:mysql://127.0.0.1:3306/jdbcusername=rootpassword=root

This primitive approach directly exposes our "User name, password, connection address" and other key information, so how to avoid these key information? The best practice is that in the Hcmanage.properties file we only provide the following information:

driver=com.mysql.jdbc.Driverurl=username=password=

We keep "user name, password, connection address" real information in a relatively safe location, such as our own database, the database is not in the production environment, so that others want to know the production environment "User name, password, connection address", you must first crack our own server, Then cracked the database on the server, the relative increase of a lot of difficulty.

So what do we do if we want to achieve this security effect?

The key position is on the "propertyplaceholderconfigurer" Class!

<!-- 引入jdbc配置文件 --><bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">    <property name="locations">        <value>file:C:/properties/hcmanage.properties</value>    </property></bean>

Second, inherit the Propertyplaceholderconfigurer class

Yes, we create a new custom Propertyplaceholderconfigurer class that inherits " Org.springframework.beans.factory.config.PropertyPlaceholderConfigurer ".

Encryptpropertyplaceholderconfigurer.java

 Public  class encryptpropertyplaceholderconfigurer  extends  Propertyplaceholderconfigurer {    @Override    protectedStringConvertproperty(String propertyname, String propertyvalue) {if(Isencryptproperty (PropertyName)) {returnConstants.databaseMap.get (PropertyName); }return Super. Convertproperty (PropertyName, PropertyValue); }Private Boolean Isencryptproperty(String pname) { for(String Name:Constants.DATABASE_PROPERTY_NAMES) {if(Name.equals (PName)) {return true; }        }return false; }}

PS: Attention to key methods

Protected string Convertproperty (String propertyname, String propertyvalue)

The method will be converted according to our own will, based on the PropertyName provided in the configuration file, returning the corresponding propertyvalue.

That is to say, we can

driver=com.mysql.jdbc.Driverurl=username=password=

Through a certain conversion law, converted to

driver=com.mysql.jdbc.Driverurl=jdbc:mysql://127.0.0.1:3306/jdbcusername=rootpassword=root

And this process is opaque, the so-called implicit conversion!

Third, the use of WebService to obtain the JDBC connection information

1. Java implements SSH mode encryption,
2. Communication between WebService

How to establish a WebService communication connection, you can refer to the second article.
How to do asymmetric encryption in the communication process, you can refer to the first article.

As I have previously written a similar blog, I will not repeat here, it is important to provide SPRINGMVC using the implicit JDBC connection information solution!

Thank you for reading "Silent Wang er Blog", if Wang ER's blog to bring you a hint of help or touched, I (that is, Wang II) will not be very honored.
If you happen to like it, you can leave a message or send it to me, which will be the strongest motivation for me to tinker with more excellent articles.

Springmvc using implicit JDBC connection information