一、说明
我们在写Springboot项目时候,配置文件中需要配置数据库连接,用户名和密码都是明文配置的。这样做很不安全,容易密码泄露。
二、加密方案
1、加密方案有好多种,下来介绍一种本人用的,比较简单的加密方法。
2、使用说明:
使用密码加密工具类,生成加密后的字符串,配置到你的项目配置文件中,项目启动后,springboot项目会根据你写的解密方法去自行解密,从而链接到你的数据库。
三、相关代码
1、application.yml
spring:datasource:url: jdbc:mysql://127.0.0.1:3306/patient?useUnicode=true&characterEncoding=utf-8&useSSL=false&serverTimezone=UTCusername: testpassword: oiWRKCcmZH/pQes5KH03kgVSHza7OK/Gjpa:hibernate:ddl-auto: updateshow-sql: true
2、密码加密工具类
package com.jianqi.HL7Service.config;import org.jasypt.properties.PropertyValueEncryptionUtils;
import org.jasypt.util.text.BasicTextEncryptor;public final class JasyptEncryptorUtils {private static final String salt = "test666";private static BasicTextEncryptor basicTextEncryptor = new BasicTextEncryptor();static {basicTextEncryptor.setPassword(salt);}private JasyptEncryptorUtils(){}/*** 明文加密* @param plaintext* @return*/public static String encode(String plaintext){System.out.println("明文字符串:" + plaintext);String ciphertext = basicTextEncryptor.encrypt(plaintext);return ciphertext;}/*** 解密* @param ciphertext* @return*/public static String decode(String ciphertext){ciphertext = "ENC(" + ciphertext + ")";if (PropertyValueEncryptionUtils.isEncryptedValue(ciphertext)){String plaintext = PropertyValueEncryptionUtils.decrypt(ciphertext,basicTextEncryptor);return plaintext;}System.out.println("解密失败");return "";}public static void main(String[] args) {// 需要加密的明文String plaintext = "patient113";// 加密明文String encryptedText = JasyptEncryptorUtils.encode(plaintext);System.out.println("加密后字符串:" + encryptedText);// 解密密文String decryptedText = JasyptEncryptorUtils.decode(encryptedText);System.out.println("解密后的字符串:" + decryptedText);}
}
3、数据库配置类
package com.jianqi.HL7Service.config;import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
import org.springframework.transaction.annotation.EnableTransactionManagement;
import org.springframework.transaction.PlatformTransactionManager;
import org.springframework.orm.jpa.JpaTransactionManager;
import org.springframework.boot.jdbc.DataSourceBuilder;import javax.sql.DataSource;@Configuration
@EnableJpaRepositories(basePackages = "com.jianqi.HL7Service.repository")
@EnableTransactionManagement
public class DatabaseConfig {@Value("${spring.datasource.url}")private String dbUrl;@Value("${spring.datasource.username}")private String dbUsername;@Value("${spring.datasource.password}")private String dbEncryptedPassword;@Beanpublic DataSource dataSource() {// 使用 JasyptEncryptorUtils 解密数据库密码String dbPassword = JasyptEncryptorUtils.decode(dbEncryptedPassword);return DataSourceBuilder.create().url(dbUrl).username(dbUsername).password(dbPassword).build();}@Beanpublic PlatformTransactionManager transactionManager() {JpaTransactionManager transactionManager = new JpaTransactionManager();transactionManager.setDataSource(dataSource());return transactionManager;}
}
)