jasypt 를 이용한 JDBC 암호화 방법
1.org.apache.commons.dbcp.BasicDataSource를 Extends하여 class를 생성합니다.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 |
package jasypt.DecryptDataSource; import java.sql.SQLFeatureNotSupportedException; import java.util.logging.Logger; import org.apache.commons.dbcp.BasicDataSource; import org.jasypt.encryption.pbe.StandardPBEStringEncryptor; public class DecryptDataSource extends BasicDataSource{ public Logger getParentLogger() throws SQLFeatureNotSupportedException { // TODO Auto-generated method stub return null; } @Override public void setPassword(String password) { // TODO Auto-generated method stub super.setPassword(encryptor(password)); } @Override public synchronized void setUrl(String url) { // TODO Auto-generated method stub super.setUrl(encryptor(url)); } @Override public void setUsername(String username) { // TODO Auto-generated method stub super.setUsername(encryptor(username)); } public String encryptor(String param){ StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor(); encryptor.setPassword("encKey");//암호화키 return encryptor.decrypt(param); } } |
2.jdbc관련 xml설정화일
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
<bean id="pureDataSource" class="jasypt.DecryptDataSource"> <property name="driverClassName"> <value>${jdbc.driverClass}</value> </property> <property name="url"> <value>${jdbc.url}</value> </property> <property name="username"> <value>${jdbc.username}</value> </property> <property name="password"> <value>${jdbc.password}</value> </property> <property name="initialSize"> <value>2</value> </property> <property name="maxActive"> <value>100</value> </property> <property name="maxIdle"> <value>20</value> </property> <property name="maxWait"> <value>3000</value> </property> <property name="defaultAutoCommit"> <value>true</value> </property> <property name="minEvictableIdleTimeMillis"> <value>300000</value> </property> <property name="timeBetweenEvictionRunsMillis"> <value>300000</value> </property> <property name="numTestsPerEvictionRun"> <value>10</value> </property> <property name="validationQuery"> <value>SELECT 1 FROM DUAL</value> </property> <property name="testOnBorrow"> <value>true</value> </property> <property name="testWhileIdle"> <value>true</value> </property> </bean> |
3.encryptor java 생성
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor; public class TestMain { public static void main(String[] args) { StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor(); encryptor.setPassword("encKey"); //암호화키 String url = encryptor.encrypt("jdbc:oracle:thin:@192.168.0.40:1521:ORCL"); String username = encryptor.encrypt("username"); String password = encryptor.encrypt("password"); System.out.println("jdbc.url="+url); System.out.println("jdbc.username="+username); System.out.println("jdbc.password="+password); } } |
4.jdbc.properties
1 2 3 |
jdbc.url=u0rJgMM3G0LHg761dyHwoxxB6hy4/ZAFBhyLuN94rFMbIc14LgXcwV6PNTDzpHayh2HiDB66oBM= jdbc.username=GKe/duL/+FgmPSu1ehRSP1z45x3BkVU+ jdbc.password=x5KqEWsyYg4XiFwWhi9WRR9Z/77cDCWc |