낭군이
371
2015-12-24 11:24:33
5
3481

톰캣6.0 DBCP 접속 주소/아이디/비밀번호 암호화 가능한가요?


톰캣6.0에서

DBCP (server.xml) 접속 주소/아이디/비밀번호 암호화하는


방법이 있나요?




  • 답변 5

  • 잡초
    1k
    2015-12-24 12:14:27

    db접속 정보요?

    xml?

    암호화 가능 합니다.



  • 낭군이
    371
    2015-12-24 12:28:22

    잡초님/감사합니다. 구글링 해봐야겠네요.

  • kskmw2000
    22
    2015-12-24 13:39:16

    http://gt1000.tistory.com/entry/Tomcat-Serverxml-DBCP-%EC%84%A4%EC%A0%95-%EB%B6%80%EB%B6%84-%EC%95%94%ED%98%B8%ED%99%94-%EB%B0%A9%EB%B2%95 

    이 URL을 참고하시면 될 듯합니다.

  • 낭군이
    371
    2015-12-24 16:55:23
    kskmw2000님/감사합니당
  • dlqorgod
    396
    2015-12-24 16:58:51

    아래와 같이 하면 될 것 같은데...

    체크아웃 받으셔서 테스트 해보세요~~~

    jdk1.7 tomcat6


    /godsoft.tomcat6-datasource-password-encryption/src/main/java/godsoft/org/apache/tomcat/dbcp/dbcp/Encryptor.java

    http://www.jdev.it/encrypting-passwords-in-tomcat/

    package godsoft.org.apache.tomcat.dbcp.dbcp;
    
    import java.io.UnsupportedEncodingException;
    import java.nio.charset.StandardCharsets;
    import java.security.InvalidKeyException;
    import java.security.Key;
    import java.security.MessageDigest;
    import java.security.NoSuchAlgorithmException;
    import java.util.Arrays;
    
    import javax.crypto.BadPaddingException;
    import javax.crypto.Cipher;
    import javax.crypto.IllegalBlockSizeException;
    import javax.crypto.KeyGenerator;
    import javax.crypto.NoSuchPaddingException;
    import javax.crypto.spec.SecretKeySpec;
    
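    /**
     * Encrypts and decrypts short strings (here: the DBCP {@code password}
     * attribute) with AES, using a key derived from a pass phrase. Cipher text is
     * exchanged as a lower-case hex string.
     *
     * <p>Points a reviewer should keep in mind before relying on this class:
     * <ul>
     * <li>When no pass phrase is supplied, the key is derived from
     * {@link #defaultSecretKey}, which is compiled into this class. Anyone who can
     * read the jar can decrypt every value produced with it, so the default only
     * protects against casual reading of the configuration file. Prefer a
     * deployment-specific pass phrase that is stored outside both the source tree
     * and the configuration file.</li>
     * <li>The cipher runs in ECB mode without an IV or integrity check: equal
     * plain texts give equal cipher texts and a modified cipher text is not
     * detected. An authenticated mode with a random IV would be preferable, but it
     * changes the stored format and is therefore not switched here.</li>
     * <li>The key is the first 16 bytes of an unsalted SHA-1 digest of the pass
     * phrase, i.e. a fast hash and not a password-based key derivation
     * function.</li>
     * </ul>
     */
    public class Encryptor {
    
    	private static final String ALGORITHM = "AES";
    
    	/**
    	 * Full transformation string. This is what the SunJCE provider resolves a
    	 * bare "AES" to; spelling it out keeps the result independent of provider
    	 * defaults and makes the (weak) mode visible in review.
    	 */
    	private static final String TRANSFORMATION = "AES/ECB/PKCS5Padding";
    
    	// Built-in fallback pass phrase. It ships with the class, so it is not a secret.
    	private static final String defaultSecretKey = "ThisIsAVeryVerySecretKey";
    
    	private static final char[] HEX_DIGITS = "0123456789abcdef".toCharArray();
    
    	private Key secretKeySpec;
    
    	/**
    	 * Creates an encryptor that uses the built-in default pass phrase.
    	 */
    	public Encryptor() throws InvalidKeyException, NoSuchAlgorithmException,
    			NoSuchPaddingException, UnsupportedEncodingException {
    		this(null);
    	}
    
    	/**
    	 * Creates an encryptor for the given pass phrase.
    	 *
    	 * @param secretKey pass phrase the AES key is derived from; {@code null}
    	 *            selects the built-in default
    	 */
    	public Encryptor(String secretKey) throws NoSuchAlgorithmException,
    			NoSuchPaddingException, InvalidKeyException,
    			UnsupportedEncodingException {
    		this.secretKeySpec = generateKey(secretKey);
    	}
    
    	/**
    	 * Encrypts a string.
    	 *
    	 * @param plainText text to encrypt; encoded as UTF-8 before encryption
    	 * @return the cipher text as lower-case hex
    	 */
    	public String encrypt(String plainText) throws InvalidKeyException,
    			NoSuchAlgorithmException, NoSuchPaddingException,
    			IllegalBlockSizeException, BadPaddingException,
    			UnsupportedEncodingException {
    		Cipher cipher = Cipher.getInstance(TRANSFORMATION);
    		cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
    		byte[] encrypted = cipher.doFinal(plainText.getBytes(StandardCharsets.UTF_8));
    		return asHexString(encrypted);
    	}
    
    	/**
    	 * Decrypts a value produced by {@link #encrypt(String)} with the same pass
    	 * phrase.
    	 *
    	 * @param encryptedString cipher text as hex
    	 * @return the plain text, decoded as UTF-8
    	 * @throws IllegalArgumentException if the input is not an even-length hex
    	 *             string
    	 */
    	public String decrypt(String encryptedString) throws InvalidKeyException,
    			IllegalBlockSizeException, BadPaddingException,
    			NoSuchAlgorithmException, NoSuchPaddingException {
    		Cipher cipher = Cipher.getInstance(TRANSFORMATION);
    		cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
    		byte[] original = cipher.doFinal(toByteArray(encryptedString));
    		// Decode with the charset encrypt() used; the platform default may differ.
    		return new String(original, StandardCharsets.UTF_8);
    	}
    
    	/**
    	 * Derives the 128-bit AES key: SHA-1 over the UTF-8 bytes of the pass
    	 * phrase, truncated to 16 bytes.
    	 */
    	private Key generateKey(String secretKey)
    			throws UnsupportedEncodingException, NoSuchAlgorithmException {
    		String passPhrase = (secretKey == null) ? defaultSecretKey : secretKey;
    		MessageDigest sha = MessageDigest.getInstance("SHA-1");
    		byte[] digest = sha.digest(passPhrase.getBytes(StandardCharsets.UTF_8));
    		// use only the first 128 bit
    		return new SecretKeySpec(Arrays.copyOf(digest, 16), ALGORITHM);
    	}
    
    	/** Renders bytes as two lower-case hex digits each. */
    	private final String asHexString(byte buf[]) {
    		StringBuilder hex = new StringBuilder(buf.length * 2);
    		for (byte b : buf) {
    			int v = b & 0xff;
    			hex.append(HEX_DIGITS[v >>> 4]).append(HEX_DIGITS[v & 0x0f]);
    		}
    		return hex.toString();
    	}
    
    	/**
    	 * Parses a hex string into bytes. Rejects odd-length input instead of
    	 * silently dropping the trailing character.
    	 */
    	private final byte[] toByteArray(String hexString) {
    		if ((hexString.length() & 1) != 0) {
    			throw new IllegalArgumentException(
    					"hex string must have an even number of characters");
    		}
    		byte[] buf = new byte[hexString.length() >> 1];
    		for (int i = 0; i < buf.length; i++) {
    			int index = i << 1;
    			int hi = Character.digit(hexString.charAt(index), 16);
    			int lo = Character.digit(hexString.charAt(index + 1), 16);
    			if (hi < 0 || lo < 0) {
    				throw new NumberFormatException("not a hex digit near index " + index);
    			}
    			buf[i] = (byte) ((hi << 4) | lo);
    		}
    		return buf;
    	}
    
    	/**
    	 * Command-line helper: prints {@code plainText:cipherText} for the given
    	 * text and optional pass phrase.
    	 *
    	 * <p>Values passed as program arguments can show up in the process list
    	 * and in shell history, and the output line repeats the plain text; run it
    	 * where neither is recorded.
    	 */
    	public static void main(String[] args) throws Exception {
    		if (args.length == 1 || args.length == 2) {
    			String plainText = args[0];
    			String secretKey = args.length == 2 ? args[1] : null;
    			// A null pass phrase selects the built-in default.
    			Encryptor aes = new Encryptor(secretKey);
    			String encryptedString = aes.encrypt(plainText);
    			System.out.println(plainText + ":" + encryptedString);
    		} else {
    			System.out.println("USAGE: java AES string-to-encrypt [secretKey]");
    		}
    	}
    
    }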
    


    /godsoft.tomcat6-datasource-password-encryption/src/main/java/godsoft/org/apache/tomcat/dbcp/dbcp/GodsoftBasicDataSourceFactory.java


    package godsoft.org.apache.tomcat.dbcp.dbcp;
    
    import java.util.Hashtable;
    import java.util.Properties;
    
    import javax.naming.Context;
    import javax.naming.Name;
    import javax.naming.RefAddr;
    import javax.naming.Reference;
    
    import org.apache.tomcat.dbcp.dbcp.BasicDataSource;
    import org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory;
    
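    /**
     * JNDI object factory for Tomcat's bundled DBCP that expects the
     * {@code password} attribute of a {@code <Resource>} to be the hex output of
     * {@link Encryptor#encrypt(String)} and decrypts it before the pool is built.
     *
     * <p>The key comes from the no-argument {@link Encryptor}, i.e. the pass phrase
     * compiled into that class. The stored value is therefore obfuscated rather
     * than secret: anyone holding this jar can recover the password, so the
     * configuration file still needs restrictive file permissions. Only the
     * password is handled; {@code url} and {@code username} stay in clear text.
     *
     * <p>The decrypted password is never written to standard output or a log.
     */
    public class GodsoftBasicDataSourceFactory extends BasicDataSourceFactory {
    
    	// Attribute names copied from the parent factory so this class can read
    	// the same Reference entries.
    	private final static String PROP_DEFAULTAUTOCOMMIT = "defaultAutoCommit";
    	private final static String PROP_DEFAULTREADONLY = "defaultReadOnly";
    	private final static String PROP_DEFAULTTRANSACTIONISOLATION = "defaultTransactionIsolation";
    	private final static String PROP_DEFAULTCATALOG = "defaultCatalog";
    	private final static String PROP_DRIVERCLASSNAME = "driverClassName";
    	private final static String PROP_MAXACTIVE = "maxActive";
    	private final static String PROP_MAXIDLE = "maxIdle";
    	private final static String PROP_MINIDLE = "minIdle";
    	private final static String PROP_INITIALSIZE = "initialSize";
    	private final static String PROP_MAXWAIT = "maxWait";
    	private final static String PROP_TESTONBORROW = "testOnBorrow";
    	private final static String PROP_TESTONRETURN = "testOnReturn";
    	private final static String PROP_TIMEBETWEENEVICTIONRUNSMILLIS = "timeBetweenEvictionRunsMillis";
    	private final static String PROP_NUMTESTSPEREVICTIONRUN = "numTestsPerEvictionRun";
    	private final static String PROP_MINEVICTABLEIDLETIMEMILLIS = "minEvictableIdleTimeMillis";
    	private final static String PROP_TESTWHILEIDLE = "testWhileIdle";
    	private final static String PROP_PASSWORD = "password";
    	private final static String PROP_URL = "url";
    	private final static String PROP_USERNAME = "username";
    	private final static String PROP_VALIDATIONQUERY = "validationQuery";
    	private final static String PROP_VALIDATIONQUERY_TIMEOUT = "validationQueryTimeout";
    	/**
    	 * The property name for initConnectionSqls. The associated value String
    	 * must be of the form [query;]*
    	 * 
    	 * @since 1.3
    	 */
    	private final static String PROP_INITCONNECTIONSQLS = "initConnectionSqls";
    	private final static String PROP_ACCESSTOUNDERLYINGCONNECTIONALLOWED = "accessToUnderlyingConnectionAllowed";
    	private final static String PROP_REMOVEABANDONED = "removeAbandoned";
    	private final static String PROP_REMOVEABANDONEDTIMEOUT = "removeAbandonedTimeout";
    	private final static String PROP_LOGABANDONED = "logAbandoned";
    	private final static String PROP_POOLPREPAREDSTATEMENTS = "poolPreparedStatements";
    	private final static String PROP_MAXOPENPREPAREDSTATEMENTS = "maxOpenPreparedStatements";
    	private final static String PROP_CONNECTIONPROPERTIES = "connectionProperties";
    
    	private final static String[] ALL_PROPERTIES = { PROP_DEFAULTAUTOCOMMIT,
    			PROP_DEFAULTREADONLY, PROP_DEFAULTTRANSACTIONISOLATION,
    			PROP_DEFAULTCATALOG, PROP_DRIVERCLASSNAME, PROP_MAXACTIVE,
    			PROP_MAXIDLE, PROP_MINIDLE, PROP_INITIALSIZE, PROP_MAXWAIT,
    			PROP_TESTONBORROW, PROP_TESTONRETURN,
    			PROP_TIMEBETWEENEVICTIONRUNSMILLIS, PROP_NUMTESTSPEREVICTIONRUN,
    			PROP_MINEVICTABLEIDLETIMEMILLIS, PROP_TESTWHILEIDLE, PROP_PASSWORD,
    			PROP_URL, PROP_USERNAME, PROP_VALIDATIONQUERY,
    			PROP_VALIDATIONQUERY_TIMEOUT, PROP_INITCONNECTIONSQLS,
    			PROP_ACCESSTOUNDERLYINGCONNECTIONALLOWED, PROP_REMOVEABANDONED,
    			PROP_REMOVEABANDONEDTIMEOUT, PROP_LOGABANDONED,
    			PROP_POOLPREPAREDSTATEMENTS, PROP_MAXOPENPREPAREDSTATEMENTS,
    			PROP_CONNECTIONPROPERTIES };
    
    	/**
    	 * Builds the data source described by a JNDI {@link Reference}, decrypting
    	 * its {@code password} entry first.
    	 *
    	 * @return the configured data source, or {@code null} when {@code obj} is
    	 *         not a {@code Reference} for {@code javax.sql.DataSource}
    	 * @throws Exception if the password cannot be decrypted (for example when
    	 *             it is still stored in clear text) or the data source cannot
    	 *             be created
    	 */
    	@Override
    	public Object getObjectInstance(Object obj, Name name, Context nameCtx,
    			Hashtable environment) throws Exception {
    
    		// We only know how to deal with <code>javax.naming.Reference</code>s
    		// that specify a class name of "javax.sql.DataSource"
    		if (!(obj instanceof Reference)) {
    			return null;
    		}
    		Reference ref = (Reference) obj;
    		if (!"javax.sql.DataSource".equals(ref.getClassName())) {
    			return null;
    		}
    
    		Properties properties = new Properties();
    		for (String propertyName : ALL_PROPERTIES) {
    			RefAddr ra = ref.get(propertyName);
    			if (ra != null) {
    				properties.setProperty(propertyName, ra.getContent().toString());
    			}
    		}
    
    		// Decrypt before the data source is created, so the pool never holds
    		// the cipher text as its password. NOTE(review): the parent factory
    		// appears to open connections eagerly when initialSize > 0; confirm
    		// against the bundled DBCP version.
    		String encryptedPassword = properties.getProperty(PROP_PASSWORD);
    		if (encryptedPassword != null) {
    			properties.setProperty(PROP_PASSWORD,
    					new Encryptor().decrypt(encryptedPassword));
    		}
    
    		// Deliberately no output of the password, encrypted or decrypted:
    		// container stdout usually ends up in a log file.
    		return createDataSource(properties);
    	}
    
    }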
    


    /godsoft.tomcat6-datasource-password-encryption/src/main/resources/egovframework/spring/com/context-datasource.xml


    	<!-- Oracle -->
    	<!-- <bean id="dataSource-oracle" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close"> -->
    	<!-- <property name="driverClassName" value="${Globals.DriverClassName}" /> -->
    	<!-- <property name="url" value="${Globals.Url}" /> -->
    	<!-- <property name="username" value="${Globals.UserName}" /> -->
    	<!-- <property name="password" value="${Globals.Password}" /> -->
    	<!-- </bean> -->
    
    	<!-- The data source is looked up from the container under jdbc/test instead of
    	     being built here from the Globals.* properties (kept above, commented out).
    	     The connection settings, including the password, are therefore taken from
    	     the container's Resource definition of that name. -->
    	<bean id="dataSource-oracle" class="org.springframework.jndi.JndiObjectFactoryBean">
    		<property name="jndiName" value="java:comp/env/jdbc/test" />
    	</bean>



    /Servers/Apache Tomcat v6.0 (jdk17) at localhost-config/server.xml

          <Context docBase="godsoft.tomcat6-datasource-password-encryption" path="/tomcat6-datasource-password-encryption" reloadable="true" source="org.eclipse.jst.jee.server:godsoft.tomcat6-datasource-password-encryption">
    <!-- <Resource auth="Container" driverClassName="oracle.jdbc.driver.OracleDriver" maxActive="100" maxIdle="30" maxWait="10000" name="jdbc/test" password="test" type="javax.sql.DataSource" url="jdbc:oracle:thin:@192.168.0.107:1521:orcl" username="test" factory="godsoft.org.apache.tomcat.dbcp.dbcp.GodsoftBasicDataSourceFactory"/> -->
    <!-- In the active Resource below, password holds the hex output of Encryptor.encrypt();
         the class named in factory decrypts it when the data source is created.
         That factory uses the pass phrase compiled into Encryptor, so the value is
         obfuscated, not secret: keep this file readable only by the Tomcat account.
         The commented-out Resource above still carries a clear-text password and should
         not be left in a deployed file. url and username remain in clear text. -->
    <Resource auth="Container" driverClassName="oracle.jdbc.driver.OracleDriver" maxActive="100" maxIdle="30" maxWait="10000" name="jdbc/test" password="dc6ab4050b3e2f07889fd7a5f580774d" type="javax.sql.DataSource" url="jdbc:oracle:thin:@192.168.0.107:1521:orcl" username="test" factory="godsoft.org.apache.tomcat.dbcp.dbcp.GodsoftBasicDataSourceFactory"/>
          </Context>


    • svn checkout --username anonsvn https://dev.naver.com/svn/godsoft
    • The password is 'anonsvn'

    https://dev.naver.com/svn/godsoft/trunk/godsoft.tomcat6-datasource-password-encryption
