Java 无法加密配置文件中的密码
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/18636547/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Cannot encrypt password in configuration file
提问by nachokk
I'm having trouble encrypting the database password in hibernate.cfg.xml
我在加密数据库密码时遇到问题 hibernate.cfg.xml
This is my property file.
这是我的财产文件。
<!-- Database connection settings -->
<property name="connection.driver_class">com.microsoft.sqlserver.jdbc.SQLServerDriver</property>
<property name="connection.url">jdbc:sqlserver://localhost:1433;databaseName=TEST;</property>
<property name="connection.username">sa</property>
<!-- Encryption -->
<property name="connection.password">ENC(vMO/j5jfpaU2cUhPVoOk5Q==)</property>
<property name="connection.provider_class">org.jasypt.hibernate4.connectionprovider.EncryptedPasswordDriverManagerConnectionProvider</property>
<property name="connection.encryptor_registered_name">hibernateEncryptor</property>
Then in the HiberanteUtil.javaI have this
然后在HiberanteUtil.java我有这个
// Builds session factory.
private static SessionFactory configureSessionFactory()
throws HibernateException {
Configuration configuration = new Configuration().configure();
StandardPBEStringEncryptor encryptor =
new StandardPBEStringEncryptor();
encryptor.setPassword("pass");
HibernatePBEEncryptorRegistry registry =
HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor("hibernateEncryptor", encryptor);
ServiceRegistry serviceRegistry = new ServiceRegistryBuilder()
.applySettings(configuration.getProperties()).buildServiceRegistry();
return configuration.buildSessionFactory(serviceRegistry);
}
I've created the encrypted password with encrypt.bat.
我已经用encrypt.bat.
Then the error i have is
然后我的错误是
com.microsoft.sqlserver.jdbc.SQLServerException: Login failed for user 'sa'. ClientConnectionId:8033573f-5f52-4fe9-a728-fbe4f57d89c4
com.microsoft.sqlserver.jdbc.SQLServerException:用户“sa”登录失败。ClientConnectionId:8033573f-5f52-4fe9-a728-fbe4f57d89c4
If I remove this part
如果我删除这部分
StandardPBEStringEncryptor encryptor =
new StandardPBEStringEncryptor();
encryptor.setPassword("someKey");
HibernatePBEEncryptorRegistry registry =
HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor(
"hibernateEncryptor", encryptor);
I have the same error, so I think it doesn't register but I have no idea how to do it.
我有同样的错误,所以我认为它没有注册,但我不知道该怎么做。
This is how i encrypt
这就是我加密的方式
UPDATE
更新
The only thing i can made to get it work is something like this, but is not the way i think.
我唯一能让它工作的事情就是这样,但不是我想的那样。
StandardPBEStringEncryptor encryptor =
new StandardPBEStringEncryptor();
encryptor.setPassword("somePass");
encryptor.setAlgorithm("PBEWITHMD5ANDDES");
String pass=encryptor.decrypt("HhpmA/XmJoLro8TYYu4YyA==");
HibernatePBEEncryptorRegistry registry =
HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor(
"hibernateEncryptor", encryptor);
Configuration configuration = new Configuration().configure()
.setProperty("hibernate.connection.encryptor_registered_name","hibernateEncryptor")
.setProperty("hibernate.connection.password",pass);
So i think the problem is with the "hibernateEncryptor", i think i need to register
所以我认为问题出在"hibernateEncryptor",我想我需要注册
<typedef name="encryptedString" class="org.jasypt.hibernate4.type.EncryptedStringType">
<param name="encryptorRegisteredName">hibernateEncryptor</param>
<typedef>
But when i put it in hibernate.cfg.xmlsays invalid mapping, so i add it to a class with annotation but nothing happen cause i think this is read after database connection that is what i want to encrypt. :(
但是当我把它放在hibernate.cfg.xml说无效映射中时,所以我将它添加到一个带有注释的类中,但没有发生任何事情,因为我认为这是在数据库连接后读取的,这是我想要加密的。:(
@TypeDef(name="encryptedString",typeClass=org.jasypt.hibernate4.type.EncryptedStringType.class,
parameters= {@Parameter(name="encryptorRegisteredName",value="hibernateEncryptor")})
采纳答案by nachokk
This is not the proper way to do it but solves.
这不是正确的方法,而是解决了。
StandardPBEStringEncryptor encryptor =new StandardPBEStringEncryptor();
encryptor.setPassword("somePass");
encryptor.setAlgorithm("PBEWITHMD5ANDDES");
Configuration configuration = new Configuration().configure();
String pass=encryptor.decrypt(configuration.getProperty("hibernate.connection.password"));
configuration.setProperty("hibernate.connection.password",pass);
And in hibernate.cfg
而在 hibernate.cfg
<property name="connection.username">sa</property>
<property name="connection.password">Nzuyhu5PJJwsVH3mdw==</property>
回答by Tim Spann
http://www.jasypt.org/hibernate.html
http://www.jasypt.org/hibernate.html
Why not switch algorithms to: PBEWithMD5AndTripleDES
为什么不将算法切换到:PBEWithMD5AndTripleDES
Take a look at this post on StackOverflow: Error implementing Jasypt with Hibernate 3 and Struts 2
看看 StackOverflow 上的这篇文章: 使用 Hibernate 3 和 Struts 2 实现 Jasypt 时出错
回答by B Black
You might try this:
你可以试试这个:
StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
strongEncryptor.setPassword("jasypt");
strongEncryptor.setAlgorithm("PBEWITHMD5ANDDES");
HibernatePBEEncryptorRegistry registry = HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor);
Configuration configuration = new Configuration();
configuration.configure("hibernate.cfg.xml");
configuration.setProperty("hibernate.connection.password", strongEncryptor.decrypt(configuration.getProperty("hibernate.connection.password")));
ServiceRegistryBuilder serviceRegistryBuilder = new ServiceRegistryBuilder().applySettings(configuration.getProperties());
sessionFactory = configuration.buildSessionFactory(serviceRegistryBuilder.buildServiceRegistry());
