- spring-boot集成Apache ShardingSphere 5.0.0 感知
- 一、前言
- 二、与spring-boot集成实现(数据加密)
- 1.建表语句
- 2.pom.xml
- 3.application.yml
- 4.CURD
数据加密
二、与spring-boot集成实现(数据加密) 1.建表语句Apache ShardingSphere 通过对用户输入的 SQL 进行解析,并依据用户提供的加密规则对 SQL 进行改写,从而实现对原文数据进行加密,并将原文数据(可选)及密文数据同时存储到底层数据库。 在用户查询数据时,它仅从数据库中取出密文数据,并对其解密,最终将解密后的原始数据返回给用户。 Apache ShardingSphere 自动化 & 透明化了数据加密过程,让用户无需关注数据加密的实现细节,像使用普通数据那样使用加密数据。 此外,无论是已在线业务进行加密改造,还是新上线业务使用加密功能,Apache ShardingSphere 都可以提供一套相对完善的解决方案。
CREATE TABLE `t_encrypt` ( `id` varchar(36) COLLATE utf8_bin NOT NULL, `phone_no_cipher` varchar(512) COLLATE utf8_bin NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;2.pom.xml
3.application.yml1.8 3.4.1 5.0.0 com.baomidou mybatis-plus-boot-starter ${mybatis-plus.version} org.apache.shardingsphere shardingsphere-jdbc-core-spring-boot-starter ${shardingsphere.version}
spring:
shardingsphere:
props:
sql-show: true
datasource:
ds0:
driver-class-name: com.mysql.cj.jdbc.Driver
jdbc-url: jdbc:mysql://localhost:3306/ds0?useUnicode=true&characterEncoding=utf-8&useSSL=false&serverTimezone=GMT&allowPublicKeyRetrieval=true
password: 123456
type: com.zaxxer.hikari.HikariDataSource
username: root
ds1:
driver-class-name: com.mysql.cj.jdbc.Driver
jdbc-url: jdbc:mysql://localhost:3306/ds1?useUnicode=true&characterEncoding=utf-8&useSSL=false&serverTimezone=GMT&allowPublicKeyRetrieval=true
password: 123456
type: com.zaxxer.hikari.HikariDataSource
username: root
names: ds0,ds1
rules:
encrypt:
encryptors:
custom-encrypt:
type: AES
props:
# 对称加密key(君不见黄河之水天上来,奔流到海不复回。)
aes-key-value: jbjhhzstsl,bldhbfh.
tables:
t_encrypt:
# 使用密文列查询(默认true)
query-with-cipher-column: true
columns:
phone_no:
# 逻辑列(虚拟列)
logic-column: phone_no
# 密文列(真实列)
cipher-column: phone_no_cipher
# 原文列(真实列,可选)
# plain-column: phone_no_plain
# 加密策略名称与上方对应(推荐使用短横线风格)
encryptor-name: custom-encrypt
mybatis-plus:
global-config:
db-config:
id-type: assign_id
4.CURD内置的加密算法,MD5、AES、RC4;若准备自定义算法可参照数据加密,基于SPI机制自动扩展。不清楚SPI的原理,可以先阅读下源码分析-JDBC SPI加载机制。
- EncryptController.java
package com.example.demo.controller;
import com.example.demo.entity.Encrypt;
import com.example.demo.service.EncryptService;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
import java.util.List;
@RestController
@RequestMapping("/encrypt")
public class EncryptController {
@Resource
private EncryptService encryptService;
@GetMapping("/{id}")
public Encrypt getById(@PathVariable String id) {
return this.encryptService.getById(id);
}
@GetMapping("/selectByPhoneNo/{phoneNo}")
public List selectByPhoneNo(@PathVariable String phoneNo) {
return this.encryptService.selectByPhoneNo(phoneNo);
}
@GetMapping
public List list() {
return this.encryptService.list();
}
@GetMapping("/count")
public Integer count() {
return this.encryptService.count();
}
@GetMapping("/mock")
public String mock() {
for (int i = 0; i < 12; i++) {
final Encrypt encrypt = new Encrypt();
encrypt.setPhoneNo(String.valueOf(i));
this.encryptService.save(encrypt);
}
return "SUCCESS";
}
}
- EncryptService.java
package com.example.demo.service; import com.baomidou.mybatisplus.extension.service.IService; import com.example.demo.entity.Encrypt; import java.util.List; public interface EncryptService extends IService{ List selectByPhoneNo(String phoneNo); }
- EncryptServiceImpl.java
package com.example.demo.service.impl;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.example.demo.dao.EncryptDao;
import com.example.demo.entity.Encrypt;
import com.example.demo.service.EncryptService;
import org.springframework.stereotype.Service;
import java.util.List;
@Service("encryptService")
public class EncryptServiceImpl extends ServiceImpl implements EncryptService {
@Override
public List selectByPhoneNo(String phoneNo) {
return this.baseMapper.selectList(new QueryWrapper().lambda().eq(Encrypt::getPhoneNo, phoneNo));
}
}
- EncryptDao.java
package com.example.demo.dao; import com.baomidou.mybatisplus.core.mapper.baseMapper; import com.example.demo.entity.Encrypt; public interface EncryptDao extends baseMapper{ }
- Encrypt.java
package com.example.demo.entity;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import com.baomidou.mybatisplus.extension.activerecord.Model;
import java.io.Serializable;
@SuppressWarnings("serial")
@TableName("t_encrypt")
public class Encrypt extends Model {
@TableId
private String id;
private String phoneNo;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getPhoneNo() {
return phoneNo;
}
public void setPhoneNo(String phoneNo) {
this.phoneNo = phoneNo;
}
@Override
protected Serializable pkVal() {
return this.id;
}
}
更多:
spring-boot集成Apache ShardingSphere 5.0.0 初识
