ShardingSphere 4.x Sharding-JDBC 用户手册之数据脱敏使用手册

该章节主要介绍如何使用数据脱敏功能，如何进行相关配置。数据脱敏功能即可与数据分片功能共同使用，又可作为单独功能组件，独立使用。
与数据分片功能共同使用时，会创建ShardingDataSource；单独使用时，会创建EncryptDataSource来完成数据脱敏功能。

不使用Spring

引入Maven依赖

    org.apache.shardingsphere
    sharding-jdbc-core
    ${sharding-sphere.version}

基于Java编码的规则配置

       // 配置数据源
       BasicDataSource dataSource = new BasicDataSource();
       dataSource.setDriverClassName("com.mysql.jdbc.Driver");
       dataSource.setUrl("jdbc:mysql://127.0.0.1:3306/encrypt");
       dataSource.setUsername("root");
       dataSource.setPassword("");
       
       // 配置脱敏规则
       Properties props = new Properties();
       props.setProperty("aes.key.value", "123456");
       EncryptorRuleConfiguration encryptorConfig = new EncryptorRuleConfiguration("AES", props);
       EncryptColumnRuleConfiguration columnConfig = new EncryptColumnRuleConfiguration("plain_pwd", "cipher_pwd", "", "aes");
       EncryptTableRuleConfiguration tableConfig = new EncryptTableRuleConfiguration(Collections.singletonMap("pwd", columnConfig));
       EncryptRuleConfiguration encryptRuleConfig = new EncryptRuleConfiguration();
       encryptRuleConfig.getEncryptors().put("aes", encryptorConfig);
       encryptRuleConfig.getTables().put("t_encrypt", tableConfig);
       
       // 获取数据源对象
       DataSource dataSource = EncryptDataSourceFactory.createDataSource(dataSource, encryptRuleConfig, new Properties());

基于Yaml的规则配置

或通过Yaml方式配置，与以上配置等价：

dataSource:  !!org.apache.commons.dbcp2.BasicDataSource
  driverClassName: com.mysql.jdbc.Driver
  url: jdbc:mysql://127.0.0.1:3306/encrypt?serverTimezone=UTC&useSSL=false
  username: root
  password:

encryptRule:
  tables:
    t_order:
      columns:
        user_id:
          cipherColumn: user_cipher
          encryptor: order_encryptor
  encryptors:
    order_encryptor:
      type: aes
      props:
        aes.key.value: 123456
props:
  query.with.cipher.column: true #是否使用密文列查询

    DataSource dataSource = YamlEncryptDataSourceFactory.createDataSource(yamlFile);

使用Spring

引入Maven依赖

    org.apache.shardingsphere
    sharding-jdbc-spring-boot-starter
    ${sharding-sphere.version}




    org.apache.shardingsphere
    sharding-jdbc-spring-namespace
    ${sharding-sphere.version}

基于Spring boot的规则配置

spring.shardingsphere.datasource.name=ds

spring.shardingsphere.datasource.ds.type=org.apache.commons.dbcp2.BasicDataSource
spring.shardingsphere.datasource.ds.driver-class-name=com.mysql.jdbc.Driver
spring.shardingsphere.datasource.ds.url=jdbc:mysql://127.0.0.1:3306/encrypt?serverTimezone=UTC&useSSL=false
spring.shardingsphere.datasource.ds.username=root
spring.shardingsphere.datasource.ds.password=
spring.shardingsphere.datasource.ds.max-total=100

spring.shardingsphere.encrypt.encryptors.encryptor_aes.type=aes
spring.shardingsphere.encrypt.encryptors.encryptor_aes.props.aes.key.value=123456
spring.shardingsphere.encrypt.tables.t_order.columns.user_id.plainColumn=user_decrypt
spring.shardingsphere.encrypt.tables.t_order.columns.user_id.cipherColumn=user_encrypt
spring.shardingsphere.encrypt.tables.t_order.columns.user_id.assistedQueryColumn=user_assisted
spring.shardingsphere.encrypt.tables.t_order.columns.user_id.encryptor=encryptor_aes

spring.shardingsphere.props.sql.show=true
spring.shardingsphere.props.query.with.cipher.column=true

基于Spring boot + JNDI的规则配置

如果您计划使用Spring boot + JNDI的方式，在应用容器（如Tomcat）中使用Sharding-JDBC时，可使用spring.shardingsphere.datasource.${datasourceName}.jndiName来代替数据源的一系列配置。
如：

spring.shardingsphere.datasource.name=ds

spring.shardingsphere.datasource.ds.jndi-name=java:comp/env/jdbc/ds

spring.shardingsphere.encrypt.encryptors.encryptor_aes.type=aes
spring.shardingsphere.encrypt.encryptors.encryptor_aes.props.aes.key.value=123456
spring.shardingsphere.encrypt.tables.t_order.columns.user_id.plainColumn=user_decrypt
spring.shardingsphere.encrypt.tables.t_order.columns.user_id.cipherColumn=user_encrypt
spring.shardingsphere.encrypt.tables.t_order.columns.user_id.assistedQueryColumn=user_assisted
spring.shardingsphere.encrypt.tables.t_order.columns.user_id.encryptor=encryptor_aes

spring.shardingsphere.props.sql.show=true
spring.shardingsphere.props.query.with.cipher.column=true

基于Spring命名空间的规则配置

    
   
    
        
        
        
        
        
    
    
    
        123456
    
    
    
        
            
                
                    
                    
                
            
            
                
                
            
        
        
            true
            true
        
    

在Spring中使用DataSource

直接通过注入的方式即可使用DataSource，或者将DataSource配置在JPA、Hibernate或MyBatis中使用。

@Resource
private DataSource dataSource;