springboot配置druid数据库密码加密
一、说明
环境:idea 2019.2 + druid-1.1.6
springboot集成Druid 请参考博文:springboot项目配置Druid
二、执行命令加密数据库密码
java -cp druid的jar包路径 com.alibaba.druid.filter.config.ConfigTools you_password
2-1、项目中定位到druid的jar包
2-2、右键 -> Open Library Settings -> ctrl +c 复制jar路径
得到druid的jar包路径:
D:\apache-maven-3.3.9\mydata\Repository\com\alibaba\druid\1.1.6\druid-1.1.6.jar
2-3、打开cmd命令行窗口
假如你的密码是 1234
winds键 + r -> 输入cmd -> 按回车键
命令行执行(注意每次执行结果不一样,执行完请将结果复制保存下)
java -cp D:\apache-maven-3.3.9\mydata\Repository\com\alibaba\druid\1.1.6\druid-1.1.6.jar com.alibaba.druid.filter.config.ConfigTools 1234 >aaa.txt
输出:
cprivateKey:MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEA04tkqzedSRvSl4EDTVg183gKxSDlc1imRbLjBvAl+7w58rvmNP9lOT30uSPBVbN2i7u81PsW44aW/PE19mCU2wIDAQABAkBTvY9ZM8fAhBIGRVzgRjX9LhzdUhtiYMpZNuol+fSfRHfCKUWC3QkcizPP8KwazePslqVvpMJAX/AEg/sCN3Z5AiEA+5hmCo0bsly1Y7gwD45PVEjutoSXRnA9YGbMNfDU5IcCIQDXP36lE2TCfH8/alrXjE2KDjMvhN/urI6H0tJSlV+2DQIgD5/pRmJ5A9yqDyVTJsQpvQxCdudJFcDGrwPzTq5EKmUCIQC2YnPCFiO7c9gyeMDOgXC2OQAAFLvWNdpzlhxmo3E9BQIhAKu5ooDRq2b64sIc9UfS1h0rm4qfsGDBNjKOosM6Y7pc publicKey:MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANOLZKs3nUkb0peBA01YNfN4CsUg5XNYpkWy4wbwJfu8OfK75jT/ZTk99LkjwVWzdou7vNT7FuOGlvzxNfZglNsCAwEAAQ== password:tkn8Joi6uWC1ZRX/l3HQGUwfIN0RbNPOZNDaeaHLNrzxRDaBASxZ63CNSXk/aTRSGLvr0ZbpsVGzxozMFV9Baw==
命令行截图:
三、修改配置文件application.properties
3-1、password 修改为 上面命令行执行得到的password
spring.datasource.password=tkn8Joi6uWC1ZRX/l3HQGUwfIN0RbNPOZNDaeaHLNrzxRDaBASxZ63CNSXk/aTRSGLvr0ZbpsVGzxozMFV9Baw==
3-2、filter属性追加config
spring.datasource.filters=stat,wall,slf4j,config
3-3、connectionProperties属性
connectionProperties属性追加 ;config.decrypt=true;config.decrypt.key=${publickey}
${publickey}为上面命令行执行得到的publicKey
spring.datasource.connectionProperties=druid.stat.mergeSql=true;druid.stat.slowSqlMillis=5000;config.decrypt=true;config.decrypt.key=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANOLZKs3nUkb0peBA01YNfN4CsUg5XNYpkWy4wbwJfu8OfK75jT/ZTk99LkjwVWzdou7vNT7FuOGlvzxNfZglNsCAwEAAQ==
3-4、application.properties相关druid完整配置
spring.datasource.url=jdbc:mysql://localhost:3306/test?useUnicode=true&characterEncoding=utf-8 spring.datasource.username=root spring.datasource.password=tkn8Joi6uWC1ZRX/l3HQGUwfIN0RbNPOZNDaeaHLNrzxRDaBASxZ63CNSXk/aTRSGLvr0ZbpsVGzxozMFV9Baw== spring.datasource.driver-class-name=com.mysql.jdbc.Driver spring.datasource.type=com.alibaba.druid.pool.DruidDataSource #连接池的配置信息 ## 初始化大小,最小,最大 spring.datasource.initialSize=5 spring.datasource.minIdle=5 spring.datasource.maxActive=20 ## 配置获取连接等待超时的时间 spring.datasource.maxWait=60000 # 配置间隔多久才进行一次检测,检测需要关闭的空闲连接,单位是毫秒 spring.datasource.timeBetweenEvictionRunsMillis=60000 # 配置一个连接在池中最小生存的时间,单位是毫秒 spring.datasource.minEvictableIdleTimeMillis=300000 spring.datasource.validationQuery=SELECT 1 FROM DUAL spring.datasource.testWhileIdle=true spring.datasource.testOnBorrow=false spring.datasource.testOnReturn=false # 打开PSCache,并且指定每个连接上PSCache的大小(防火墙这一块一定不能开,sqlite不支持,会导致奇怪的异常) spring.datasource.poolPreparedStatements=false spring.datasource.maxPoolPreparedStatementPerConnectionSize=20 # 配置监控统计拦截的filters,去掉后监控界面sql无法统计,'wall'用于防火墙 spring.datasource.filters=stat,wall,slf4j,config # 通过connectProperties属性来打开mergeSql功能;慢SQL记录 spring.datasource.connectionProperties=druid.stat.mergeSql=true;druid.stat.slowSqlMillis=5000;config.decrypt=true;config.decrypt.key=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANOLZKs3nUkb0peBA01YNfN4CsUg5XNYpkWy4wbwJfu8OfK75jT/ZTk99LkjwVWzdou7vNT7FuOGlvzxNfZglNsCAwEAAQ== # 合并多个DruidDataSource的监控数据 spring.datasource.useGlobalDataSourceStat=true
四、启动springboot项目验证
五、官网参考
https://github.com/alibaba/druid/wiki/%E4%BD%BF%E7%94%A8ConfigFilter
六、解密
public static void main(String[] args) {
String pwd = "Z8w7Q6hQ87k7hfcREdK5oIAMPBMjBX4YzazHfz0SR42sOFyOW5DTRwV18blXkFJ8EftvKkQMuRw5YxFF8al+Qw==";
String pub = "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKmzTBHpY+2ovMM4XK4KVRtt+uMYSgddjE4whx0vL3orgSwCM6x0JjQov1SD26eQrZVMXJuaP42VNKup5sn20UcCAwEAAQ==";
try {
String depwd = ConfigTools.decrypt(pub, pwd);
System.out.println(depwd);
} catch (Exception e) {
e.printStackTrace();
}
}
