jasypt 를 이용한 JDBC 암호화 방법
1.org.apache.commons.dbcp.BasicDataSource를 Extends하여 class를 생성합니다.
package jasypt.DecryptDataSource;
import java.sql.SQLFeatureNotSupportedException;
import java.util.logging.Logger;
import org.apache.commons.dbcp.BasicDataSource;
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
public class DecryptDataSource extends BasicDataSource{
public Logger getParentLogger() throws SQLFeatureNotSupportedException {
// TODO Auto-generated method stub
return null;
}
@Override
public void setPassword(String password) {
// TODO Auto-generated method stub
super.setPassword(encryptor(password));
}
@Override
public synchronized void setUrl(String url) {
// TODO Auto-generated method stub
super.setUrl(encryptor(url));
}
@Override
public void setUsername(String username) {
// TODO Auto-generated method stub
super.setUsername(encryptor(username));
}
public String encryptor(String param){
StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
encryptor.setPassword("encKey");//암호화키
return encryptor.decrypt(param);
}
}
2.jdbc관련 xml설정화일
${jdbc.driverClass} ${jdbc.url} ${jdbc.username} ${jdbc.password} 2 100 20 3000 true 300000 300000 10 SELECT 1 FROM DUAL true true
3.encryptor java 생성
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
public class TestMain {
public static void main(String[] args) {
StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
encryptor.setPassword("encKey"); //암호화키
String url = encryptor.encrypt("jdbc:oracle:thin:@192.168.0.40:1521:ORCL");
String username = encryptor.encrypt("username");
String password = encryptor.encrypt("password");
System.out.println("jdbc.url="+url);
System.out.println("jdbc.username="+username);
System.out.println("jdbc.password="+password);
}
}
4.jdbc.properties
jdbc.url=u0rJgMM3G0LHg761dyHwoxxB6hy4/ZAFBhyLuN94rFMbIc14LgXcwV6PNTDzpHayh2HiDB66oBM= jdbc.username=GKe/duL/+FgmPSu1ehRSP1z45x3BkVU+ jdbc.password=x5KqEWsyYg4XiFwWhi9WRR9Z/77cDCWc