热门标签
当前位置: article > 正文
SpringBoot整合ShardingSphere5.x实现数据加解密功能_spring项目引入sharding-jdbc加密
作者:IT小白 | 2024-06-25 16:56:57
赞
踩
spring项目引入sharding-jdbc加密
环境:Springboot2.6.14 + ShardingSphere5.3.0
准备环境
-
添加依赖
- <dependency>
- <groupId>org.apache.shardingsphere</groupId>
- <artifactId>shardingsphere-jdbc-core</artifactId>
- <version>${shardingsphere.version}</version>
- </dependency>
- <dependency>
- <groupId>com.baomidou</groupId>
- <artifactId>mybatis-plus-boot-starter</artifactId>
- <version>${mybatis-plus.version}</version>
- </dependency>
- <dependency>
- <groupId>com.baomidou</groupId>
- <artifactId>mybatis-plus-generator</artifactId>
- <version>${mybatis-plus.version}</version>
- </dependency>
- 数据表users
-
pwd:明文字段
-
pwd_clipher:密文字段
-
assisted_query_pwd:查询辅助列
-
配置文件
application.yml配置文件(Springboot)
- spring:
- datasource:
- driverClassName: org.apache.shardingsphere.driver.ShardingSphereDriver
- url: jdbc:shardingsphere:classpath:config.yaml
- name: EncryptHikariCP
- ---
- mybatis-plus:
- configuration:
- mapUnderscoreToCamelCase: true
- mapperLocations: classpath*:/mapper/**/*.xml
- typeAliasesPackage: com.pack
config.yaml配置文件(ShardingSphere)
- #数据源配置
- dataSources:
- ds1:
- dataSourceClassName: com.zaxxer.hikari.HikariDataSource
- driverClassName: com.mysql.cj.jdbc.Driver
- jdbcUrl: jdbc:mysql://localhost:3306/testjpa?serverTimezone=GMT%2B8&useSSL=false
- username: root
- password: 123123
- minimumIdle: 10
- maximumPoolSize: 200
- autoCommit: true
- idleTimeout: 30000
- poolName: MasterHikariCP
- maxLifetime: 1800000
- connectionTimeout: 30000
- connectionTestQuery: SELECT 1
- #规则配置
- rules:
- - !ENCRYPT #加解密相关配置
- tables:
- users:
- columns:
- pwd: #逻辑列(如果是老系统一般都会吧这个逻辑列和实际物理列名一致)
- plainColumn: pwd #实际物理列名
- cipherColumn: pwd_cipher #加密后的列名
- encryptorName: pwd_encryptor #加密列使用的加密算法(对应下面的配置)
- #assistedQueryColumn: assisted_query_pwd
- #assistedQueryEncryptorName: assisted_encryptor
- queryWithCipherColumn: true
- encryptors:
- pwd_encryptor:
- type: SM4
- props:
- sm4-key: aaaabbbbccccdddd1111222233334444
- sm4-mode: ECB
- sm4-iv: aabbccddeeffgghh
- sm4-padding: PKCS7Padding
- assisted_encryptor:
- type: SM3
- props:
- sm3-salt: aaaabbbb
- #执行时打印SQL
- props:
- sql-show: true
有了上面配置后,接下来就可以进行相应的CRUD操作了。
CRUD操作
实体对象
-
- @TableName("users")
- public class Users {
-
- @TableId(type = IdType.ASSIGN_ID)
- private Long id;
- private String name;
- @TableField("id_no")
- private String idNo ;
- private Integer age;
- private String email;
- private String pwd ;
- }
Mapper类
-
- public interface UsersMapper extends BaseMapper<Users> {
-
- }
测试类
-
- @SpringBootTest
- public class UserMapperTest {
-
- @Resource
- private UsersMapper usersMapper ;
- @Resource
- private IUsersService us ;
- @Resource
- private List<DataSource> dataSources ;
-
- @Test
- public void testUserList() {
- QueryWrapper<Users> queryWrapper = new QueryWrapper<>() ;
- queryWrapper.eq("pwd", "999999") ;
- System.out.println(this.usersMapper.selectList(queryWrapper)) ;
- }
-
- @Test
- public void testSave() {
- Users user = new Users() ;
- user.setAge(99) ;
- user.setEmail("99999@qq.com") ;
- user.setIdNo("999999") ;
- user.setName("久久") ;
- user.setPwd("999999") ;
-
- this.usersMapper.insert(user) ;
- }
-
- }
测试结果
数据源及查询辅助列
-
数据源配置
在config.yaml文件中我们配置了连接池信息,但是实际没有生效。如上配置的最小连接数是10,最大是200,但是实际打印都成了默认值都是10。最后修改连接池配置方式如下:
- spring:
- datasource:
- driverClassName: org.apache.shardingsphere.driver.ShardingSphereDriver
- url: jdbc:shardingsphere:classpath:config.yaml
- name: EncryptHikariCP
- hikari:
- minimumIdle: 10
- maximumPoolSize: 200
- autoCommit: true
- idleTimeout: 30000
- poolName: BaseHikariCP
- maxLifetime: 1800000
- connectionTimeout: 30000
- connectionTestQuery: SELECT 1
如上配置后连接池才正常。
-
辅助查询列
辅助查询列会根据你的配置是否使用辅助列,当没有配置辅助查询列时,执行SQL如下:
使用的是加密列进行查询了
当配置了辅助查询列后:
使用的是辅助列查询。
完毕!!!
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/IT小白/article/detail/756830
推荐阅读
- 1.JDBC连接Mysql5
mysql [详细] 赞
踩
相关标签
