4

好的,我在 server.xml 中的 Tomcat 5.5 中有一个资源,用于数据库连接,如下所示:

<Resource name="jdbc/MyApp" auth="Container" type="com.mchange.v2.c3p0.ComboPooledDataSource" driverClass="com.microsoft.sqlserver.jdbc.SQLServerDriver"  maxPoolSize="100"  minPoolSize="5"   
acquireIncrement="5"    
 user="username" 
password="password"
factory="org.apache.naming.factory.BeanFactory"  
jdbcUrl="jdbc:sqlserver://localhost:1433;databaseName=myDatabase;autoReconnect=true" />

有没有人尝试扩展上述 ComboPooledDataSource?问题是数据库密码是明文。思路是先对密码进行加密,将加密后的密钥放在server.xml中。我有一个解密实用程序,因此我可以在尝试连接到数据库之前解密密钥。

我为我的 org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory 问题找到了一个示例解决方案,但我没有使用这个连接池。我正在使用 C3P0。有人用 C3P0 试过这个吗?

4

4 回答 4

1

是的,您不能扩展com.mchange.v2.c3p0.ComboPooledDataSource,因为它是公开的。这是我实现这一目标的解决方法。

我已经扩展org.springframework.jdbc.datasource.TransactionAwareDataSourceProxy并传递了com.mchange.v2.c3p0.ComboPooledDataSource数据源作为构造函数参数。

这是我hibernate.cfg.xml对上述数据源的配置:

<bean id="dataSource" class="MyDataSource"> 
        <constructor-arg ref="c3p0DataSource" />
    </bean>

    <bean id="c3p0DataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"
        destroy-method="close">
        <property name="driverClass" value="${jdbc.driver.className}" />
        <property name="jdbcUrl" value="${jdbc.url}" />
        <property name="user" value="${jdbc.username}" />
        <property name="password" value="${jdbc.password}" />
        <property name="acquireIncrement" value="${dataSource.acquireIncrement}" />
        <property name="acquireRetryAttempts" value="${dataSource.acquireRetryAttempts}" />
        <property name="acquireRetryDelay" value="${dataSource.acquireRetryDelay}" />
        <property name="autoCommitOnClose" value="${dataSource.autoCommitOnClose}" />
        <property name="breakAfterAcquireFailure" value="${dataSource.breakAfterAcquireFailure}" />
        <property name="checkoutTimeout" value="${dataSource.checkoutTimeout}" />
        <property name="debugUnreturnedConnectionStackTraces"
            value="${dataSource.debugUnreturnedConnectionStackTraces}" />
        <property name="forceIgnoreUnresolvedTransactions"
            value="${dataSource.forceIgnoreUnresolvedTransactions}" />
        <property name="idleConnectionTestPeriod" value="${dataSource.idleConnectionTestPeriod}" />
        <property name="initialPoolSize" value="${dataSource.initialPoolSize}" />
        <property name="maxAdministrativeTaskTime" value="${dataSource.maxAdministrativeTaskTime}" />
        <property name="maxConnectionAge" value="${dataSource.maxConnectionAge}" />
        <property name="maxIdleTime" value="${dataSource.maxIdleTime}" />
        <property name="maxIdleTimeExcessConnections" value="${dataSource.maxIdleTimeExcessConnections}" />
        <property name="maxPoolSize" value="${dataSource.maxPoolSize}" />
        <property name="maxStatements" value="${dataSource.maxStatements}" />
        <property name="maxStatementsPerConnection" value="${dataSource.maxStatementsPerConnection}" />
        <property name="minPoolSize" value="${dataSource.minPoolSize}" />
        <property name="numHelperThreads" value="${dataSource.numHelperThreads}" />
        <property name="propertyCycle" value="${dataSource.propertyCycle}" />
        <property name="testConnectionOnCheckin" value="${dataSource.testConnectionOnCheckin}" />
        <property name="testConnectionOnCheckout" value="${dataSource.testConnectionOnCheckout}" />
        <property name="unreturnedConnectionTimeout" value="${dataSource.unreturnedConnectionTimeout}" />
    </bean>

Mine jdbc.properties file:


jdbc.driver.className=com.microsoft.sqlserver.jdbc.SQLServerDriver
jdbc.url=xxxxx
jdbc.username=xxx
jdbc.password=xxxxxxxxx #Encrytped password here
jdbc.hibernate.dialect=org.hibernate.dialect.SQLServerDialect
hibernate.show_sql=false
hibernate.hbm2ddl.auto=update

dataSource.acquireIncrement=3
dataSource.acquireRetryAttempts=30
dataSource.acquireRetryDelay=60000
dataSource.autoCommitOnClose=false
dataSource.breakAfterAcquireFailure=false
dataSource.checkoutTimeout=0
dataSource.debugUnreturnedConnectionStackTraces=false
dataSource.forceIgnoreUnresolvedTransactions=false
dataSource.idleConnectionTestPeriod=0
dataSource.initialPoolSize=10
dataSource.maxAdministrativeTaskTime=0
dataSource.maxConnectionAge=0
dataSource.maxIdleTime=0
dataSource.maxIdleTimeExcessConnections=0
dataSource.maxPoolSize=10
dataSource.maxStatements=0
dataSource.maxStatementsPerConnection=0
dataSource.minPoolSize=10
dataSource.numHelperThreads=3
dataSource.propertyCycle=0
dataSource.testConnectionOnCheckin=false
dataSource.testConnectionOnCheckout=false
dataSource.unreturnedConnectionTimeout=0


Mine extended class where I decrypt the password before passing the datasource to transaction Proxy wrapper.

import javax.sql.DataSource;

import org.jasypt.util.text.BasicTextEncryptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.jdbc.datasource.TransactionAwareDataSourceProxy;

import com.csc.emms.common.EMMSConstraints;
import com.mchange.v2.c3p0.ComboPooledDataSource;

public class MyDataSource extends TransactionAwareDataSourceProxy
{
    private static char[] appName =
    {
            'B', 'I', 'N', 'G', 'O', 'D', 'I', 'N', 'G', 'O'
    };

    @Autowired
    // Inject your class by constructor
    MyDataSource(ComboPooledDataSource dataSource)
    {
        super.setTargetDataSource(decryptPassword(dataSource));
    }

    private DataSource decryptPassword(ComboPooledDataSource dataSource)
    {
        dataSource.setPassword(decode(dataSource.getPassword()));
        return dataSource;
    }

    private String decode(String encodedPassword)
    {
        BasicTextEncryptor decoder = new BasicTextEncryptor();
        decoder.setPasswordCharArray(appName);
        return decoder.decrypt(encodedPassword);
    }

    private String encode(String password)
    {
        BasicTextEncryptor encoder = new BasicTextEncryptor();
        encoder.setPasswordCharArray(appName);
        return encoder.encrypt(password);
    }
}
Hope this resolved your issue.
于 2013-11-12T16:58:29.133 回答
1

你不能扩展ComboPooledDataSource,但你基本上可以通过扩展它的父类来复制它,AbstractComboPooledDataSource. 您可以通过从 Github 获取源代码或反编译类文件来真正接近复制它。结果将如下所示:

import com.mchange.v2.c3p0.AbstractComboPooledDataSource;

public final class YourC3p0DataSource extends AbstractComboPooledDataSource
        implements Serializable, Referenceable {

    public void setPassword(String encryptedPassword) {
        try {
            String decryptedPassword
                    = yourDecryption(encryptedPassword);
            super.setPassword(decryptedPassword);
        } catch (Exception e) { /* ... */ }
    }
    /* Increment a few other methods found in ComboPooledDataSource. */
}
于 2017-07-26T22:10:50.620 回答
0

由于com.mchange.v2.c3p0.ComboPooledDataSource是公共最终类,因此您无法扩展它。

于 2013-08-21T13:35:23.187 回答
0

您可以使用jasypt加密属性文件,然后在数据源 bean 中使用加密的属性。

jasypt也支持 spring 并且非常容易使用。阅读本文了解更多详情。

于 2011-03-04T02:02:37.637 回答