Spring读取加密属性文件处理
引言:Spring框架俨然已经是目前Java WEB项目开发的一个宠儿,更有人将Spring, Struts,和Hibernage称之为Java WEB项目开发的3件利器。Spring的依赖、注入、AOP及和其它框架的很好集成(如:hibername、ibatis、struts等)确实给web项目开发带来了诸多便利性,但是任何一种框架都不能完全满足个性化需求开发,spring亦是如此。现有一个项目是基于spring、struts和ibtatis的,其中数据库连接池使用的是proxool,领导要求将proxool连接池配置文件进行加密,这里有2种解决方法:
1) 扩展ProxoolDataSource,重写getNewConnection方法,对其置相关数据库配置属性时进行解密处理;
2) 扩展Spring读取属性文件文件的类PropertyPlaceholderConfigurer
1、 扩展ProxoolDataSource
package *.*;
import java.io.InputStream;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.Properties;
import org.logicalcobwebs.proxool.ProxoolDataSource;
public class ProxoolDataSourceEX extends ProxoolDataSource {
private Logger errorLog = CommonLogger.getErrorLog(ProxoolDataSourceEX.class);
private static Properties proxoolProperties = null;
private static ProxoolDataSource dataSource = null;
//
public synchronized Connection getConnection() {
try {
if (dataSource != null)
return super.getConnection();
else
return getNewConnection();
} catch (SQLException e) {
// errorLog.error("…….", e);
}
return null;
}
private synchronized Connection getNewConnection() {
if(proxoolProperties==null){
InputStream is = Thread.currentThread().getContextClassLoader().
getResourceAsStream("proxool.properties");
proxoolProperties = new Properties();
try{
proxoolProperties.load(is);
}catch(Exception e){
e.printStackTrace();
}
}
//属性值的解密(调用相应解密算法,解密)
//解密后的属性值置入
this.setDriver(driver);
this.setDriverUrl(url);
…
try {
return super.getConnection();
} catch (SQLException e) {
errorLog.error("…", e);
}
return null;
}
}
2、 扩展Spring读取属性文件文件的类PropertyPlaceholderConfigurer
1) spring datasource配置
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<!-- ======================================================================== -->
<!-- DataSource定义。 -->
<!-- ======================================================================== -->
<bean id="DBConfigurer"
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations">
<list>
<value>classpath:proxool.properties</value>
</list>
</property>
</bean>
<bean id="dataSource"
class="org.logicalcobwebs.proxool.ProxoolDataSource">
<property name="driver">
<value>${dev_proxool_driver_class}</value>
</property>
<property name="driverUrl">
<value>${dev_proxool_driver_url}</value>
</property>
<property name="user">
<value>${dev_proxool_user}</value>
</property>
<property name="password">
<value>${dev_proxool_password}</value>
</property>
<property name="alias">
<value>${dev_proxool_alias}</value>
</property>
…
</bean>
…
</beans>
2) 扩展PropertyPlaceholderConfigurer,对其方法resolvePlaceholder进行重写。
package *.*;
import java.util.Properties;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
public class PropertyPlaceholderConfigurerEX extends PropertyPlaceholderConfigurer{
private boolean secutiry = false;
private Log logger = LogFactory.getLog(PropertyPlaceholderConfigurerEX.class);
//
protected String resolvePlaceholder(String placeholder, Properties props) {
String placeholderValue = props.getProperty(placeholder);
if(this.secutiry){
placeholderValue = deEncrypt(placeholderValue);
}
return placeholderValue;
}
//
public boolean isSecutiry() {
return secutiry;
}
public void setSecutiry(boolean secutiry) {
this.secutiry = secutiry;
}
private String deEncrypt(String miwen){
return 解密后的字串;
}
}
3) 修改上述的datasource配置
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<!-- ======================================================================== -->
<!-- DataSource定义。 -->
<!-- ======================================================================== -->
<bean id="DBConfigurer"
class="*.*.PropertyPlaceholderConfigurerEX">
<property name="locations">
<list>
<value>classpath:proxool.properties</value>
</list>
</property>
<!—security为false,则对属性文件的属性值不进行解密处理,为true,则进行解密-->
<property name="secutiry">
<value>false</value>
</property>
<!—扩展PropertyPlaceholderConfigurerEX,最好使用解密算法也可在此处配置-->
</bean>
同1)datasource配置