Preloader image
DDD

Java TIP

jasypt - jdbc.properties 암호화 (ENC)

작성자 관리자 (admin)
조회수 1,049
입력일 2020-06-29 10:21:14

4개의 파일만 수정하면 적용 가능 합니다.

1) pom.xml : jasypt dependency 추가
2) datasource.xml : encryption 설정
3) JasyptUtil.java : 암호화 파일 생성
4) jdbc.properties : DB Connection 설정

 

-- pom.xml
-- spring 3.x , 4.x 모두 사용 가능

<dependency>
    <groupId>org.jasypt</groupId>
    <artifactId>jasypt-spring31</artifactId>
    <version>1.9.2</version>
    <scope>compile</scope>
</dependency>

-- datasource.xml ( 명칭은 AA에 따라 달라질수 있음 )

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">

    <!-- encrypt properties -->
    <bean id="environmentVariablesConfiguration" class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
        <property name="algorithm" value="PBEWithMD5AndDES" />
    </bean>
    
    <bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
        <property name="config" ref="environmentVariablesConfiguration" />
        <property name="password" value="YOUR_PASSWORD_KEY" /> <!-- JasyptUtil.java 의 password와 일치 해야합니다.  -->
    </bean>
    
    <bean id="propertyConfigurer" class="org.jasypt.spring31.properties.EncryptablePropertyPlaceholderConfigurer">
        <constructor-arg ref="configurationEncryptor" />
        <property name="locations">
            <list>
                <value>classpath:jdbc.properties</value>
            </list>
        </property>
    </bean>
</beans>

-- JasyptUtil.java ( 암호화 자바 프로그램 )

package com.erp.common;

import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.junit.*;

/**
 * properties 암호화 module
 * @author user
 *
 */
public class JasyptUtil 
{
    @Test
    public void init()
    {
        StandardPBEStringEncryptor pbeEnc = new StandardPBEStringEncryptor();
        
        pbeEnc.setAlgorithm( "PBEWithMD5AndDES" ); // 암호화 방식
        pbeEnc.setPassword ( "YOUR_PASSWORD_KEY" ); // 암호화 KEY - datasource.xml 의 password 와 일치해야 합니다.

        // encrypt sample
        String url      = pbeEnc.encrypt("jdbc:log4jdbc:mysql://127.0.0.1:3306/khan666?zeroDateTimeBehavior=convertToNull&useUnicode=true&characterEncoding=utf8&autoReconnect=true");
        String username_e = pbeEnc.encrypt("root");
        String password_e = pbeEnc.encrypt("1234");

        // encrypt result
        System.out.println( "url        : " + url      );
        System.out.println( "username_e : " + username_e );
        System.out.println( "password_e : " + password_e );

        // decrypt sample
        String username_d = pbeEnc.decrypt("dJtBeUmE4jQpgirbiwZbKQ==");
        String password_d = pbeEnc.decrypt("s7y2QD9V+XTBZRHLYgjIZw==");

        // decrypt result
        System.out.println( "username_d : " + username_d );
        System.out.println( "password_d : " + password_d );
    }
}

-- jUnit Test RUN
-- JasyptUtil.java 마우스 오른 클릭 -> Run As -> jUnut Test -> 출력

url        : IQyOMonkgl2Jn7AIWhRIMq3RI9KA0UWVmYLv8onbHVW0mcsBVOpdBBivvLCjxm+CgVCk3OZLTHa1jM5yylEVIuLlFNbOujn16+ZW265aCSIvEowKWGh0zdgioro6JYx8plZA3RNUcvl9d92YTGTU9PsMfiIUXo7lTnS0WV1KyWoZoi3YcR9bdP11k19gkKzcOR1/80kbfZk=
username_e : k4nIoREkHMoiozxHyrSkjQ==
password_e : imx6XtxUoiuhHp+Vm2XbOw==
username_d : root
password_d : 1234

 

-- jdbc.properties

########################################################################################
# DB Connection
########################################################################################

ds1.jdbc.driver=net.sf.log4jdbc.DriverSpy
ds1.jdbc.url=ENC(xCQ9UbpVqTH8sW5rL7xOkTUlMbNevz95TL5lYRCgn5vpKlZtV8xxDNhRhrL++YCEE4qxDvG1ozxyxldkUGlOoD7//auXGOPQZz6XOLOO/OpS6F79JrLjxACByXbBF9eJXuVQCWxswbBIjv+NikADoFAGmIu5528uCzHWM3O6SQCRyCTc9dOXXO8XC0ekzEQePspy30K4ucU=)

ds1.jdbc.username=ENC(B/lwmdoLsY/bk4eHTLN3nQ==)
ds1.jdbc.password=ENC(ZRegogKccdvG+e6RfbkjWg==)

 

 

^