修改proxool配置文件中密码为密文

proxool是不错的连接池,可是配置文件里数据库的密码默认是明文,感觉有点裸奔的感觉。想修改成密文。思路就是把datasource里的class设置为自己写的类,这个类继承org.logicalcobwebs.proxool.ProxoolDataSource;如:<bean id="dataSource" class="com.hclm.agency.db.DataSource">;
在这个类里取出密码的密文,解密然后重置proxool的密码和url。上代码:
/**
* 重写org.logicalcobwebs.proxool.ProxoolDataSource
* 重置数据库密码为明文
* @author Administrator
*
*/
public class DataSource extends org.logicalcobwebs.proxool.ProxoolDataSource {
/**
  * 重置数据库链接信息为明文
  */
public void setPassword(String mi) {
  super.setPassword(mi);
  String passWord = DesDecode(mi);
  super.setPassword(passWord);
  String url = reSetUrl(super.getDriverUrl(), super.getPassword());
  super.setDriverUrl(url);
}
    /*替换url的密码为明文*/
public String reSetUrl(String url, String pwd) {
  int begin = url.indexOf('/');
  int end = url.indexOf('@');
  String url2 = url.substring(0, begin + 1) + pwd + url.substring(end);
  return url2;
}
   
public String getPassword() {
  return super.getPassword();
}
/* 根据数据库配置文件密码密文得到明文 */
public String DesDecode(String mi) {
  DESUtil des = new DESUtil();
  des.getKey("HUACAIKEYG");
  String strDes = des.getDesString(mi);
  return strDes;
}
}
加密的类自己写就行了:
上示例:
package com.hclm.agency.web.util;
/*
字符串 DESede(3DES) 加密
*/
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import sun.misc.BASE64Encoder;

public class ThreeDes {

    private static final String Algorithm = "DESede"; //定义 加密算法,可用 DES,DESede,Blowfish
  
    //keybyte为加密密钥,长度为24字节
    //src为被加密的数据缓冲区(源)
    public static byte[] encryptMode(byte[] keybyte, byte[] src) {
       try {
            //生成密钥
            SecretKey deskey = new SecretKeySpec(keybyte, Algorithm);

            //加密
            Cipher c1 = Cipher.getInstance(Algorithm);
            c1.init(Cipher.ENCRYPT_MODE, deskey);
            return c1.doFinal(src);
        } catch (java.security.NoSuchAlgorithmException e1) {
            e1.printStackTrace();
        } catch (javax.crypto.NoSuchPaddingException e2) {
            e2.printStackTrace();
        } catch (java.lang.Exception e3) {
            e3.printStackTrace();
        }
        return null;
    }

    //keybyte为加密密钥,长度为24字节
    //src为加密后的缓冲区
    public static byte[] decryptMode(byte[] keybyte, byte[] src) {    
try {
            //生成密钥
            SecretKey deskey = new SecretKeySpec(keybyte, Algorithm);

            //解密
//            Cipher c1 = Cipher.getInstance(Algorithm);
            Cipher c1 = Cipher.getInstance("DESede/ECB/PKCS5Padding");
            c1.init(Cipher.DECRYPT_MODE, deskey);
            return c1.doFinal(src);
        } catch (java.security.NoSuchAlgorithmException e1) {
            e1.printStackTrace();
        } catch (javax.crypto.NoSuchPaddingException e2) {
            e2.printStackTrace();
        } catch (java.lang.Exception e3) {
            e3.printStackTrace();
        }
        return null;
    }

    //转换成十六进制字符串
    public static String byte2hex(byte[] b) {
        String hs="";
        String stmp="";

        for (int n=0;n<b.length;n++) {
            stmp=(java.lang.Integer.toHexString(b[n] & 0XFF));
            if (stmp.length()==1) hs=hs+"0"+stmp;
            else hs=hs+stmp;
            if (n<b.length-1)  hs=hs+":";
        }
        return hs.toUpperCase();
    }
  
    public static void main(String[] args)
    {
       
 
 
   BufferedReader reader;
   String input ;
   int i=0;
   try{
   while(true){
    if(i>0){
     System.out.println("<<结束请输入exit>>");
     }
    System.out.println("请输入密码明文:");   
    reader = new BufferedReader(new InputStreamReader(System.in));                  
  
      input= reader.readLine();
      // 处理控制台命令
      if (input.equals("exit")){
       break;
      }else if(input == null||input.length()<7) {
       System.out.println("明文字符串不能为空并且长度需要大于6");
          continue;
      }else {
       i++;
          input = input.trim();
        //添加新安全算法,如果用JCE就要把它添加进去
          Security.addProvider(new com.sun.crypto.provider.SunJCE());

          final byte[] keyBytes = {0x11, 0x22, 0x4F, 0x58, (byte)0x88, 0x10, 0x40, 0x38
                                 , 0x28, 0x25, 0x79, 0x51, (byte)0xCB, (byte)0xDD, 0x55, 0x66
                                 , 0x77, 0x29, 0x74, (byte)0x98, 0x30, 0x40, 0x36, (byte)0xE2};//24字节的密钥
          try {
     String szSrc = input;
     System.out.println("加密前的字符串:" + szSrc);       
     byte[] encoded = encryptMode(keyBytes, szSrc.getBytes());
     BASE64Encoder base64en = new BASE64Encoder();   
     System.out.println("加密后的字符串:" + Base64.encode(encoded));
     byte[] srcBytes = decryptMode(keyBytes, Base64.decode(Base64.encode(encoded)));
//     System.out.println("解密后的字符串:" + (new String(srcBytes)));
    } catch (Exception e) {
     // TODO Auto-generated catch block dCqB6+nmwnXOECa05SO3tA== 
     e.printStackTrace();
    }
      }
   }
  
    
   }catch(Exception e){
    e.printStackTrace();
   }
    }
}
来自:http://wangzhibing.blog.51cto.com/900184/191391

你可能感兴趣的:(java,算法,Web,Security,sun)