数据库密码加密

在平台中密码是配置在app.properties 中的，是明文的，如果用户看到这个文件，他可以使用这个密码连接数据库。

我们可以对密码加密：

具体做法：

1.生成密码

java -cp druid-1.0.26.jar com.alibaba.druid.filter.config.ConfigTools root

生成如下：

E:\work\redxun\jsaas\src\main\webapp\WEB-INF\lib>java -cp druid-1.0.26.jar com.alibaba.druid.filter.config.ConfigTools root
privateKey:MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEApFI3OHSQlVV+nSRgISE1WW7yiazo673C1VjzY2sNDpLe6Do9myPJE+GciW/gEFxXJVImeyJ8rgJtturdgXbxgwIDAQABAkBXSg1nghRkH9x4oaAnOTrb3WId3KqGwHFFYFE6mN2AxY51BWNtYoY2O9Ka/tTAnxU7oSyplLXsI3InQ5krshyBAiEA1Hy1+yu8wTt8bGChf6bW+QwC729mbTd0Ld7aIOUKSOMCIQDF+HtUSI/2YgF/7/gDYadxspv/J5vEoQiIn1Qibk824QIgJKGDNdOqbJ12q7BU5w66DKEXeHN58uYWbzn13KnfhgUCIQC1a4LJuD2FkkbBkY18u88Q2JcweoG67b++RBR8AQ7CwQIgVQkqS9BQDtOOGmL3ui/MfcER/76/2Bd9/uoVBO88PyQ=
publicKey:MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKRSNzh0kJVVfp0kYCEhNVlu8oms6Ou9wtVY82NrDQ6S3ug6PZsjyRPhnIlv4BBcVyVSJnsifK4Cbbbq3YF28YMCAwEAAQ==
password:R0hFXxPsfUsHAPF3sKQg0uVqaRS8nFiwXN2evy23lhvg17V21PQf8Aod84moadzbU2XoMCXWQldhBI9XV6RfZQ==

 

2.修改app.properties 文件

db.url=jdbc:mysql://localhost:3306/jsaas0130?useUnicode=true&characterEncoding=utf-8
db.username=root
db.password=R0hFXxPsfUsHAPF3sKQg0uVqaRS8nFiwXN2evy23lhvg17V21PQf8Aod84moadzbU2XoMCXWQldhBI9XV6RfZQ==
db.jpaPlatform=org.hibernate.dialect.MySQLInnoDBDialect
db.type=mysql
db.publicKey=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKRSNzh0kJVVfp0kYCEhNVlu8oms6Ou9wtVY82NrDQ6S3ug6PZsjyRPhnIlv4BBcVyVSJnsifK4Cbbbq3YF28YMCAwEAAQ==

 

3.修改 spring-base.xml

 

<!-- 配置监控统计拦截的filters -->

        <property name="filters" value="stat,config" />

         

        <property name="connectionProperties" value="config.decrypt=true;config.decrypt.key=${db.publicKey}" />

filters 增加 config

增加 属性 connectionProperties

connectionProperties

connectionProperties