Tomcat 配置文件数据库密码加密 |
您所在的位置:网站首页 › 数据库sp_password加密怎么找回密码 › Tomcat 配置文件数据库密码加密 |
|
几年前研究过Tomcat context.xml 中数据库密码改为密文的内容,因为当时在客户云桌面代码没有留备份也没有文章记录,最近项目又提出了这个需求就又重新拾起来学习一下。在网上找了一些资料,自己也大概试了一下,目前功能是实现了。 参考链接: https://blog.csdn.net/fzzsh/article/details/8863338 https://blog.csdn.net/T_P_F/article/details/118552417 Tomcat 常见情况正常的tomcat context.xml配置文件数据库用户名和密码都是明文的 现在因为安全要求或者国家等保要求,这个数据库密码是需要加密的,并且要定期修改的,首先实现加密功能 Tomcat context.xml密码加密tomcat加密是通过在配置文件中增加 factory参数让数据源的解析指到定制化的jar包中,对密码或用户名进行解析,加密后的配置文件信息 factory="com.axb.data.factory.DataSourceFactory" 是包名+类名。password 的root已经加密为“726f6f74”,从网上找到加密算法比较简单,所以加密串看着也挺简单。 配置信息啰嗦完了,上代码: DataSourceFactory.java 继承BasicDataSourceFactory package com.axb.data.factory; import java.util.Enumeration; import java.util.Hashtable; import java.util.Properties; import javax.naming.Context; import javax.naming.Name; import javax.naming.RefAddr; import javax.naming.Reference; import javax.naming.StringRefAddr; import javax.sql.DataSource; import net.sf.json.JSONObject; import org.apache.tomcat.dbcp.dbcp.BasicDataSource; import org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory; import com.axb.data.factory.util.Encode; import com.axb.data.factory.util.HttpUtil; public class DataSourceFactory extends BasicDataSourceFactory { @Override public Object getObjectInstance(Object obj, Name name, Context nameCtx, Hashtable environment) throws Exception { if (obj instanceof Reference) { //用户名没有加密 // setUsername((Reference) obj); setPassword((Reference) obj); } return super.getObjectInstance(obj, name, nameCtx, environment); } private void setUsername(Reference ref) throws Exception { findDecryptAndReplace("username", ref); } private void setPassword(Reference ref) throws Exception { findDecryptAndReplace("password", ref); } private void findDecryptAndReplace(String refType, Reference ref) throws Exception { int idx = find(refType, ref); System.out.println(idx +"----->findDecryptAndReplace---" +ref.get(idx)); String decodeStr = ref.get(idx).getContent().toString(); System.out.println("findDecryptAndReplace---" +decodeStr); String decrypted = Encode.decode(decodeStr); replace(idx, refType, decrypted, ref); } private int find(String addrType, Reference ref) throws Exception { Enumeration enu = ref.getAll(); for (int i = 0; enu.hasMoreElements(); i++) { RefAddr addr = (RefAddr) enu.nextElement(); if (addr.getType().compareTo(addrType) == 0) { return i; } } throw new Exception("The \"" + addrType + "\" name/value pair was not found" + " in the Reference object. The reference Object is" + " " + ref.toString()); } private void replace(int idx, String refType, String newValue, Reference ref) throws Exception { ref.remove(idx); ref.add(idx, new StringRefAddr(refType, newValue)); } }加密类,可使用自己的加密算法,主要修改encode和decode两个方法,自己可以写个main方法测试加解密功能。代码也是从CSDN找的,连接: package com.axb.data.factory.util; public class Encode { //加密 public static String encode(String password) { String result = ""; byte[] psd = password.getBytes(); for (int i = 0; i < psd.length; i++) { result += Integer.toHexString(psd[i] & 0xff); } return result; } //解密 public static String decode(String password) { String result = ""; System.out.println("encode---->" +password); password = password.toUpperCase(); int length = password.length() / 2; char[] hexChars = password.toCharArray(); byte[] d = new byte[length]; for (int i = 0; i < length; i++) { int pos = i * 2; d[i] = (byte) (charToByte(hexChars[pos]) |
今日新闻 |
推荐新闻 |
| CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3 |