}* 암호화 문자 생성set classpath=jasypt\1.9.0\jasypt-1.9.0.jar
java -cp .;%classpath% com.sample.crypto.StringEncryptor {암호화할 문자}
* applicationContext-resource.xml
<bean id="encryptorConfig"
class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
<property name="algorithm" value="PBEWithMD5AndDES" />
<property name="passwordEnvName" value="APP_ENCRYPTION_PASSWORD" />
</bean>
<bean id="encryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
<property name="config" ref="encryptorConfig" /> <property name="password" value="" /> <!-- StringEncryptor.java 의 Key
<bean id="propertyConfigurer"
class="org.jasypt.spring3.properties.EncryptablePropertyPlaceholderConfigurer">
<constructor-arg ref="encryptor" />
<property name="locations">
<list>
<value>classpath:config/${osp.server.type}/applicationSystemConfig.xml</value>
</list>
</property>
</bean>
* applicationSystemConfig.xml (ENC로 감싸진 문자가 암호화된 문자임.)
<entry key="mysql.jdbc.driverClassName">core.log.jdbc.driver.MysqlDriver</entry>
<entry key="mysql.jdbc.url">jdbc:mysql://localhost:3306/sample</entry>
<entry key="mysql.jdbc.username">scott</entry>
<entry key="mysql.jdbc.password">ENC(ne3e529X5YPW2IdfL0G0bg==)</entry>
http://www.jasypt.org/spring3.html http://blog.teamextension.com/quick-jasypt-spring-3-tutorial-626 ===================================================================================
프로젝트에서 IBatis 도입을 하려는데, DB 접속 패스워드를 암호화된 파일로만
관리해야한다는 제약이 있어 도입을 늦추고 있었다.
IBatis 원 소스를 수정할까 고민하여 구글링을 하는데,
초기화시 다음과 같은 방법으로 설정파일에 든 password 를 엎어칠수가 있었다능..
먼저, sqlmapConfig.xml 에 다음과 같이 원하는 항목에 변수를 지정한다.
.....
<property name="JDBC.ConnectionURL" value="${url}" />
<property name="JDBC.Username" value="${username}" />
<property name="JDBC.Password" value="${password}" />
.....
SqlMapConfig.xml 을 읽어들이는 초기화 소스에,
위에서 ${password} 지정했던 동일한 key( 예. password )로 아래 Properties 를 세팅한다.
Reader reader = Resources.getResourceAsReader("SqlMapConfig.xml");
String sPassword = decryptPassword();
Properties properties = new Properties();
properties.setProperty("password", sPassword);
client = SqlMapClientBuilder.buildSqlMapClient(reader, properties);
decryptPassword() 메소드는 자체적으로 특정파일에 암호화된
DB접속 패스워드를 decrypt 하는 메소드이니,
상황에 따라 적절히 구현하면 되겟고,
이후 Properties에 담아 buildSqlMapClient 에 넘기면 되겠다.
url 이나 username 도 동일한 방법으로 설정이 가능한데. ibatis 소스에 보면 config.xml 파일의 ${xxxxxxx} 패턴의 value 를 Properties 로 replace하도록 되어있군.
mybatis 로 바뀌고는 예전 ibatis repository를 잘 못 찾겠음.
http://code.google.com/p/mybatis/source/browse/
:)
출처 - http://blog.naver.com/olovesun?Redirect=Log&logNo=10037215677
===================================================================================
Hi,
i met this condition once when i had to encrypt my database connection on an desktop application,
the workaround is by put encrypted
password + username on a properties file,
and load it on SqlSessionFactoryBuilder class after i decrypt it.
*--------------------- class where i load my properties file and decrypt it -------------*
public class MyBatisSqlSessionFactory {
protected static final SqlSessionFactory FACTORY;
static {
try {
// load my properties file
File file = new File("database.properties");
FileInputStream fileInputStream = new FileInputStream(file);
Properties properties = new Properties();
properties.load(fileInputStream);
fileInputStream.close();
// put my decrypt username and password on Properties
Properties jdbcProp = new Properties();
EncryptionFactory encryptionFactory = EncryptionFactory.getFactory();
jdbcProp.setProperty("JDBC.Password", encryptionFactory.decrypt(properties.getProperty("JDBC.Password")));
jdbcProp.setProperty("JDBC.Username", encryptionFactory.decrypt(properties.getProperty("JDBC.Username")));
Reader reader = Resources.getResourceAsReader("com/baculsoft/mybatis/xml/Configuration.xml");
FACTORY = new SqlSessionFactoryBuilder().build(reader,properties);
} catch (Exception e){
throw new RuntimeException("Fatal Error. Cause: " + e, e);
}
}
public static SqlSessionFactory getSqlSessionFactory() {
return FACTORY;
}
}
*--------------------- my database.properties -------------*
JDBC.Username=7GY1NGTIIkl788aCQqhIck9Hw==
JDBC.Password=5HOxG3c6ovDu77wed3pPMU1weouJqzieCdB
well, it's not pretty but at least it works. :)
On Fri, Dec 31, 2010 at 13:32, Halloweenx8
<[hidden email]> wrote:
<dataSource type="POOLED">
<property name="driver" value="${driverClassName}" />
<property name="url" value="${url}" />
<property name="username" value="${username}" />
<property name="password" value="${password}" />
</dataSource>
i need to encrypt the database password in this file used by myBatis
Any idea how would decrypt it using myBatis?
--
Regards,
edwin.
