jasypt 를 이용한 JDBC 암호화 방법
1.org.apache.commons.dbcp.BasicDataSource를 Extends하여 class를 생성합니다.
package jasypt.DecryptDataSource; import java.sql.SQLFeatureNotSupportedException; import java.util.logging.Logger; import org.apache.commons.dbcp.BasicDataSource; import org.jasypt.encryption.pbe.StandardPBEStringEncryptor; public class DecryptDataSource extends BasicDataSource{ public Logger getParentLogger() throws SQLFeatureNotSupportedException { // TODO Auto-generated method stub return null; } @Override public void setPassword(String password) { // TODO Auto-generated method stub super.setPassword(encryptor(password)); } @Override public synchronized void setUrl(String url) { // TODO Auto-generated method stub super.setUrl(encryptor(url)); } @Override public void setUsername(String username) { // TODO Auto-generated method stub super.setUsername(encryptor(username)); } public String encryptor(String param){ StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor(); encryptor.setPassword("encKey");//암호화키 return encryptor.decrypt(param); } }
2.jdbc관련 xml설정화일
${jdbc.driverClass} ${jdbc.url} ${jdbc.username} ${jdbc.password} 2 100 20 3000 true 300000 300000 10 SELECT 1 FROM DUAL true true
3.encryptor java 생성
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor; public class TestMain { public static void main(String[] args) { StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor(); encryptor.setPassword("encKey"); //암호화키 String url = encryptor.encrypt("jdbc:oracle:thin:@192.168.0.40:1521:ORCL"); String username = encryptor.encrypt("username"); String password = encryptor.encrypt("password"); System.out.println("jdbc.url="+url); System.out.println("jdbc.username="+username); System.out.println("jdbc.password="+password); } }
4.jdbc.properties
jdbc.url=u0rJgMM3G0LHg761dyHwoxxB6hy4/ZAFBhyLuN94rFMbIc14LgXcwV6PNTDzpHayh2HiDB66oBM= jdbc.username=GKe/duL/+FgmPSu1ehRSP1z45x3BkVU+ jdbc.password=x5KqEWsyYg4XiFwWhi9WRR9Z/77cDCWc