spring boot配置druid数据库密码加密

前言

本文主要介绍如何在spring boot中配置druid中数据库密码加密。

1. 引入druid的包

    <dependency>
        <groupId>com.alibaba</groupId>
        <artifactId>druid-spring-boot-starter</artifactId>
        <version>1.1.10</version>
    </dependency>

2. 生成加密的密文和公钥

# 执行以下命令，其中123456是数据库的原始密码
$ java -cp druid-1.1.10.jar com.alibaba.druid.filter.config.ConfigTools 123456

# 下面是执行上面命令生成的内容
privateKey:MIIBVgIBADANBgkqhkiG9w0BAQEFAASCAUAwggE8AgEAAkEAgaN6I6Qjo0kAvHVUwePH/EjW+2wfhcmxkYDKfuE9HMzqfIiTIxGFFwubh8TKgy7GX8Ps1tXpZc3yO4xcYdZBxQIDAQABAkEAgVL160w5CREwnNBnhyyWOkTnwdUw9SQp8b8LQturPWh4I5PlD4PKkdan9PgkYmaHErZk/fm9tIJ044qG7zhRQQIhAM8fKVDZT1oeiOfuPdJU8dyDqi/hGjZyekfKjf3mcIYtAiEAoDtUNtVHbSG26AZB+j74VA5nUSLQykl6rR6mIYwKwPkCIQCzXtU1Az1JWnBOC3DWmmHrCst0M4mz5WgojC5z2AFS8QIhAIo5pDSJWMy0QO14OIKAwAkDQ+2icyuOp92giwB1pvFBAiBzl8jqQ8H1e4UDbQc/pmTcTzqVcA9woUq6WGPDcqo8dw==
publicKey:MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAIGjeiOkI6NJALx1VMHjx/xI1vtsH4XJsZGAyn7hPRzM6nyIkyMRhRcLm4fEyoMuxl/D7NbV6WXN8juMXGHWQcUCAwEAAQ==
password:RuFWHLrYz6DGVNHh61XJwO3Gf7x0UE92jXjIhn6bJsP4cWFFqn7zXjOgNYbgbDehyOh9nTDR/5jV0SRL9nGSWA==

其中:

• 123456是数据库的原始密码。
• privateKey:私钥，用不上，用于生成加密的密码
• publicKey:公钥
• password:加密后的密码

3. 配置

spring:
  datasource:
    druid:
      driver-class-name: oracle.jdbc.driver.OracleDriver
      url: jdbc:oracle:thin:@//127.0.0.1:1521/orcl
      username: test
      password: RuFWHLrYz6DGVNHh61XJwO3Gf7x0UE92jXjIhn6bJsP4cWFFqn7zXjOgNYbgbDehyOh9nTDR/5jV0SRL9nGSWA==
      filters: config
      connection-properties: config.decrypt=true;config.decrypt.key=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAIGjeiOkI6NJALx1VMHjx/xI1vtsH4XJsZGAyn7hPRzM6nyIkyMRhRcLm4fEyoMuxl/D7NbV6WXN8juMXGHWQcUCAwEAAQ==

采用这种方式并不能保证数据库密码的安全,druid采用了密文+公钥进行解密。