낭군이
371
2015-12-24 11:24:33
5
3481
#307337 Tech Q&A 톰캣

톰캣6.0 DBCP 접속 주소/아이디/비밀번호 암호화 가능한가요?

톰캣6.0에서

DBCP (server.xml) 접속 주소/아이디/비밀번호 암호화하는


방법이 있나요?




0
0

  • 답변 5

  • 잡초
    1k
    2015-12-24 12:14:27

    db접속 정보요?

    xml?

    암호화 가능 합니다.



    0
  • 낭군이
    371
    2015-12-24 12:28:22

    잡초님/감사합니다. 구글링 해봐야겠네요.

    0
  • kskmw2000
    22
    2015-12-24 13:39:16

    http://gt1000.tistory.com/entry/Tomcat-Serverxml-DBCP-%EC%84%A4%EC%A0%95-%EB%B6%80%EB%B6%84-%EC%95%94%ED%98%B8%ED%99%94-%EB%B0%A9%EB%B2%95 

    이 url를 참고하시면 될 듯 합니다.

    0
  • 낭군이
    371
    2015-12-24 16:55:23
    kskmw2000님/감사합니당
    0
  • dlqorgod
    396
    2015-12-24 16:58:51

    아래와 같이 하면 될 것 같은데...

    체크아웃 받으셔서 테스트 해보세요~~~

    jdk1.7 tomcat6


    /godsoft.tomcat6-datasource-password-encryption/src/main/java/godsoft/org/apache/tomcat/dbcp/dbcp/Encryptor.java

    http://www.jdev.it/encrypting-passwords-in-tomcat/

    package godsoft.org.apache.tomcat.dbcp.dbcp;

import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;

public class Encryptor {

	private static final String ALGORITHM = "AES";

	private static final String defaultSecretKey = "ThisIsAVeryVerySecretKey";

	private Key secretKeySpec;

	public Encryptor() throws InvalidKeyException, NoSuchAlgorithmException,
			NoSuchPaddingException, UnsupportedEncodingException {
		this(null);
	}

	public Encryptor(String secretKey) throws NoSuchAlgorithmException,
			NoSuchPaddingException, InvalidKeyException,
			UnsupportedEncodingException {
		this.secretKeySpec = generateKey(secretKey);
	}

	public String encrypt(String plainText) throws InvalidKeyException,
			NoSuchAlgorithmException, NoSuchPaddingException,
			IllegalBlockSizeException, BadPaddingException,
			UnsupportedEncodingException {
		Cipher cipher = Cipher.getInstance(ALGORITHM);
		cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
		byte[] encrypted = cipher.doFinal(plainText.getBytes("UTF-8"));
		return asHexString(encrypted);
	}

	public String decrypt(String encryptedString) throws InvalidKeyException,
			IllegalBlockSizeException, BadPaddingException,
			NoSuchAlgorithmException, NoSuchPaddingException {
		Cipher cipher = Cipher.getInstance(ALGORITHM);
		cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
		byte[] original = cipher.doFinal(toByteArray(encryptedString));
		return new String(original);
	}

	private Key generateKey(String secretKey)
			throws UnsupportedEncodingException, NoSuchAlgorithmException {
		if (secretKey == null) {
			secretKey = defaultSecretKey;
		}
		byte[] key = (secretKey).getBytes("UTF-8");
		MessageDigest sha = MessageDigest.getInstance("SHA-1");
		key = sha.digest(key);
		key = Arrays.copyOf(key, 16); // use only the first 128 bit

		KeyGenerator kgen = KeyGenerator.getInstance("AES");
		kgen.init(128); // 192 and 256 bits may not be available

		return new SecretKeySpec(key, ALGORITHM);
	}

	private final String asHexString(byte buf[]) {
		StringBuffer strbuf = new StringBuffer(buf.length * 2);
		int i;
		for (i = 0; i < buf.length; i++) {
			if ((buf[i] & 0xff) < 0x10) {
				strbuf.append("0");
			}
			strbuf.append(Long.toString(buf[i] & 0xff, 16));
		}
		return strbuf.toString();
	}

	private final byte[] toByteArray(String hexString) {
		int arrLength = hexString.length() >> 1;
		byte buf[] = new byte[arrLength];
		for (int ii = 0; ii < arrLength; ii++) {
			int index = ii << 1;
			String l_digit = hexString.substring(index, index + 2);
			buf[ii] = (byte) Integer.parseInt(l_digit, 16);
		}
		return buf;
	}

	public static void main(String[] args) throws Exception {
		if (args.length == 1 || args.length == 2) {
			String plainText = args[0];
			String secretKey = args.length == 2 ? args[1] : null;
			Encryptor aes = null;
			if (secretKey == null) {
				aes = new Encryptor();
			} else {
				aes = new Encryptor(secretKey);
			}
			String encryptedString = aes.encrypt(plainText);
			System.out.println(plainText + ":" + encryptedString);
		} else {
			System.out.println("USAGE: java AES string-to-encrypt [secretKey]");
		}
	}

}


    /godsoft.tomcat6-datasource-password-encryption/src/main/java/godsoft/org/apache/tomcat/dbcp/dbcp/GodsoftBasicDataSourceFactory.java


    package godsoft.org.apache.tomcat.dbcp.dbcp;

import java.util.Hashtable;
import java.util.Properties;

import javax.naming.Context;
import javax.naming.Name;
import javax.naming.RefAddr;
import javax.naming.Reference;

import org.apache.tomcat.dbcp.dbcp.BasicDataSource;
import org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory;

public class GodsoftBasicDataSourceFactory extends BasicDataSourceFactory {

	private final static String PROP_DEFAULTAUTOCOMMIT = "defaultAutoCommit";
	private final static String PROP_DEFAULTREADONLY = "defaultReadOnly";
	private final static String PROP_DEFAULTTRANSACTIONISOLATION = "defaultTransactionIsolation";
	private final static String PROP_DEFAULTCATALOG = "defaultCatalog";
	private final static String PROP_DRIVERCLASSNAME = "driverClassName";
	private final static String PROP_MAXACTIVE = "maxActive";
	private final static String PROP_MAXIDLE = "maxIdle";
	private final static String PROP_MINIDLE = "minIdle";
	private final static String PROP_INITIALSIZE = "initialSize";
	private final static String PROP_MAXWAIT = "maxWait";
	private final static String PROP_TESTONBORROW = "testOnBorrow";
	private final static String PROP_TESTONRETURN = "testOnReturn";
	private final static String PROP_TIMEBETWEENEVICTIONRUNSMILLIS = "timeBetweenEvictionRunsMillis";
	private final static String PROP_NUMTESTSPEREVICTIONRUN = "numTestsPerEvictionRun";
	private final static String PROP_MINEVICTABLEIDLETIMEMILLIS = "minEvictableIdleTimeMillis";
	private final static String PROP_TESTWHILEIDLE = "testWhileIdle";
	private final static String PROP_PASSWORD = "password";
	private final static String PROP_URL = "url";
	private final static String PROP_USERNAME = "username";
	private final static String PROP_VALIDATIONQUERY = "validationQuery";
	private final static String PROP_VALIDATIONQUERY_TIMEOUT = "validationQueryTimeout";
	/**
	 * The property name for initConnectionSqls. The associated value String
	 * must be of the form [query;]*
	 * 
	 * @since 1.3
	 */
	private final static String PROP_INITCONNECTIONSQLS = "initConnectionSqls";
	private final static String PROP_ACCESSTOUNDERLYINGCONNECTIONALLOWED = "accessToUnderlyingConnectionAllowed";
	private final static String PROP_REMOVEABANDONED = "removeAbandoned";
	private final static String PROP_REMOVEABANDONEDTIMEOUT = "removeAbandonedTimeout";
	private final static String PROP_LOGABANDONED = "logAbandoned";
	private final static String PROP_POOLPREPAREDSTATEMENTS = "poolPreparedStatements";
	private final static String PROP_MAXOPENPREPAREDSTATEMENTS = "maxOpenPreparedStatements";
	private final static String PROP_CONNECTIONPROPERTIES = "connectionProperties";

	private final static String[] ALL_PROPERTIES = { PROP_DEFAULTAUTOCOMMIT,
			PROP_DEFAULTREADONLY, PROP_DEFAULTTRANSACTIONISOLATION,
			PROP_DEFAULTCATALOG, PROP_DRIVERCLASSNAME, PROP_MAXACTIVE,
			PROP_MAXIDLE, PROP_MINIDLE, PROP_INITIALSIZE, PROP_MAXWAIT,
			PROP_TESTONBORROW, PROP_TESTONRETURN,
			PROP_TIMEBETWEENEVICTIONRUNSMILLIS, PROP_NUMTESTSPEREVICTIONRUN,
			PROP_MINEVICTABLEIDLETIMEMILLIS, PROP_TESTWHILEIDLE, PROP_PASSWORD,
			PROP_URL, PROP_USERNAME, PROP_VALIDATIONQUERY,
			PROP_VALIDATIONQUERY_TIMEOUT, PROP_INITCONNECTIONSQLS,
			PROP_ACCESSTOUNDERLYINGCONNECTIONALLOWED, PROP_REMOVEABANDONED,
			PROP_REMOVEABANDONEDTIMEOUT, PROP_LOGABANDONED,
			PROP_POOLPREPAREDSTATEMENTS, PROP_MAXOPENPREPAREDSTATEMENTS,
			PROP_CONNECTIONPROPERTIES };

	@Override
	public Object getObjectInstance(Object obj, Name name, Context nameCtx,
			Hashtable environment) throws Exception {

		Encryptor encryptor = new Encryptor();
		// String passowrd = encryptor.encrypt("godsoft");
		// System.out.println(passowrd);
		// passowrd = encryptor.decrypt(passowrd);
		// System.out.println(passowrd);

		// // DataSource dataSource = (DataSource) getObjectInstance(obj, name,
		// // nameCtx, environment);
		// //
		// // String value = null;
		// //
		// // value = properties.getProperty(PROP_PASSWORD);
		// // if (value != null) {
		// // dataSource.setPassword(value);
		// // }
		//
		// return dataSource;

		// We only know how to deal with <code>javax.naming.Reference</code>s
		// that specify a class name of "javax.sql.DataSource"
		if ((obj == null) || !(obj instanceof Reference)) {
			return null;
		}
		Reference ref = (Reference) obj;
		if (!"javax.sql.DataSource".equals(ref.getClassName())) {
			return null;
		}

		Properties properties = new Properties();
		for (int i = 0; i < ALL_PROPERTIES.length; i++) {
			String propertyName = ALL_PROPERTIES[i];
			RefAddr ra = ref.get(propertyName);
			if (ra != null) {
				String propertyValue = ra.getContent().toString();
				properties.setProperty(propertyName, propertyValue);
			}
		}

		BasicDataSource dataSource = (BasicDataSource) createDataSource(properties);

		System.out.println(dataSource.getPassword());

		String value = null;

		value = properties.getProperty(PROP_PASSWORD);
		if (value != null) {
			// dataSource.setPassword(value);
			dataSource.setPassword(encryptor.decrypt(value));
		}

		System.out.println(value);
		System.out.println(dataSource.getPassword());

		return dataSource;
	}

}


    /godsoft.tomcat6-datasource-password-encryption/src/main/resources/egovframework/spring/com/context-datasource.xml


    	<!-- Oracle -->
	<!-- <bean id="dataSource-oracle" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close"> -->
	<!-- <property name="driverClassName" value="${Globals.DriverClassName}" /> -->
	<!-- <property name="url" value="${Globals.Url}" /> -->
	<!-- <property name="username" value="${Globals.UserName}" /> -->
	<!-- <property name="password" value="${Globals.Password}" /> -->
	<!-- </bean> -->

	<bean id="dataSource-oracle" class="org.springframework.jndi.JndiObjectFactoryBean">
		<property name="jndiName" value="java:comp/env/jdbc/test" />
	</bean>



    /Servers/Apache Tomcat v6.0 (jdk17) at localhost-config/server.xml

          <Context docBase="godsoft.tomcat6-datasource-password-encryption" path="/tomcat6-datasource-password-encryption" reloadable="true" source="org.eclipse.jst.jee.server:godsoft.tomcat6-datasource-password-encryption">
<!-- <Resource auth="Container" driverClassName="oracle.jdbc.driver.OracleDriver" maxActive="100" maxIdle="30" maxWait="10000" name="jdbc/test" password="test" type="javax.sql.DataSource" url="jdbc:oracle:thin:@192.168.0.107:1521:orcl" username="test" factory="godsoft.org.apache.tomcat.dbcp.dbcp.GodsoftBasicDataSourceFactory"/> -->
<Resource auth="Container" driverClassName="oracle.jdbc.driver.OracleDriver" maxActive="100" maxIdle="30" maxWait="10000" name="jdbc/test" password="dc6ab4050b3e2f07889fd7a5f580774d" type="javax.sql.DataSource" url="jdbc:oracle:thin:@192.168.0.107:1521:orcl" username="test" factory="godsoft.org.apache.tomcat.dbcp.dbcp.GodsoftBasicDataSourceFactory"/>
      </Context>


    • svn checkout --username anonsvn https://dev.naver.com/svn/godsoft
    • The password is 'anonsvn'

    https://dev.naver.com/svn/godsoft/trunk/godsoft.tomcat6-datasource-password-encryption

    0
  • 로그인을 하시면 답변을 등록할 수 있습니다.