Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
421 views
in Technique[技术] by (71.8m points)

playframework - Encrypting db password in application.conf

Play framework [I'm using v1.2.3] does not support db password encryption stored in the application.conf. This is stored as a plain-text file. DBPlugin reads this property and creates a Connection pool.

The requirement is to encrypt this password - for e.g. using Jasypt. Some enterprises enforce this as a security measure.

Has anybody tried doing something like this?

Since DBPlugin loads on ApplicationStart, there is no way to hack it. That leaves to write a custom plugin and onConfigurationRead set a new value for the db.password of application.conf property.

Any suggestions?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Finally I fixed this by writing a Play Plugin. Writing a Play plugin is also very easy. Here is the sample code:

package plugin;

import java.util.Properties;

import org.jasypt.util.text.StrongTextEncryptor;

import play.Play;
import play.PlayPlugin;

public class DBPasswordInject extends PlayPlugin {

    @Override
    public void onConfigurationRead() {
        StrongTextEncryptor strongTextEncryptor = new StrongTextEncryptor();
        strongTextEncryptor.setPassword("$Look##$2");// this password has been used to encrypt

        String encryptedPassword = Play.configuration.getProperty("db.pass");
        String decrypted = strongTextEncryptor.decrypt(encryptedPassword);
        Play.configuration.setProperty("db.pass", decrypted); //override

        super.onConfigurationRead();
    }

}

The only downside is that I was not able to use org.jasypt.util.password.StrongPasswordEncryptor - because there is no decrypt method.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...