Encrypt DBCP Datasource Password Spring

Password encryption is mandatory for any application as you saw in last tutorial how to encrypt password if you are using Spring datasource. In this tutorial I will show how to encrypt password if you are using DBCP basic datasource to make connection to the database. As all steps are same here, only you will have to extends BasicDataSource class from DBCP.

Sample Spring MVC project:

dispatcher-servlet.xml where you are making connection to the database:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:context="http://www.springframework.org/schema/context"
	xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="
        http://www.springframework.org/schema/beans     
        http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/context 
        http://www.springframework.org/schema/context/spring-context.xsd
        http://www.springframework.org/schema/mvc
        http://www.springframework.org/schema/mvc/spring-mvc.xsd">

	<context:component-scan base-package="com.javahonk.controller" />
	<mvc:annotation-driven />
	<context:property-placeholder location="classpath:database/database.properties" />

	<bean
		class="org.springframework.web.servlet.view.InternalResourceViewResolver">
		<property name="prefix">
			<value>/WEB-INF/jsp/</value>
		</property>
		<property name="suffix">
			<value>.jsp</value>
		</property>
	</bean>

	<!-- bind messages.properties -->
	<bean class="org.springframework.context.support.ResourceBundleMessageSource"
		id="messageSource">
		<property name="basename" value="messages/messages" />
	</bean>

	<bean id="dataSource" class="com.javahonk.dao.CustomBasicDataSource">	
		<property name="driverClassName" value="${jdbc.driver}"></property>
		<property name="url" value="${jdbc.url}"></property>
		<property name="username" value="${jdbc.username}"></property>
		<property name="password" value="${jdbc.password}"></property>		
		<property name="initialSize" value="10" />
		<property name="maxActive" value="20" />
		<property name="removeAbandoned" value="true" />		
	</bean>

	<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
		<property name="dataSource" ref="dataSource"></property>
	</bean>

	<bean id="personDao" class="com.javahonk.dao.PersonDAOImpl" />


</beans>

As you see above in place of extending <bean id=”dataSource” class=”org.apache.commons.dbcp.BasicDataSource”> I have written new class CustomBasicDataSource.java which extends BasicDataSource as below:

CustomBasicDataSource.java:

package com.javahonk.dao;

import org.apache.commons.dbcp.BasicDataSource;
import org.apache.tomcat.util.codec.binary.Base64;

/**
 * @author Java Honk
 *
 */
public class CustomBasicDataSource extends BasicDataSource {
	
	public CustomBasicDataSource() {
		super();		
	}	
	
	/* (non-Javadoc)
	 * @see org.springframework.jdbc.datasource.AbstractDriverBasedDataSource#setPassword(java.lang.String)
	 */
	public synchronized void setPassword(String encryptedPassword){	
		super.setPassword(base64Decode(encryptedPassword));		
    }
	
	/**
	 * @param token
	 * @return encoded
	 */
	public static String base64Encode(String token) {
		
		byte[] encodedBytes = Base64.encodeBase64(token.getBytes());
		return new String(encodedBytes);
	}

	/**
	 * @param token
	 * @return
	 */
	public static String base64Decode(String token) {
		byte[] decodedBytes = Base64.decodeBase64(token);
	    return new String(decodedBytes);
	}	
}

You can use any encryption algorithm here we have used Base64 to encrypt password as sample class is below for encryption:

Base64PasswordEncrypter.java:

package com.javahonk.dao;

import org.apache.tomcat.util.codec.binary.Base64;

/**
 * @author Java Honk
 *
 */
public class Base64PasswordEncrypter {

	public static void main(String[] args) {
		String password = "admin";
		System.out.println(base64Encode(password));		

	}
	
	/**
	 * @param token
	 * @return encoded
	 */
	public static String base64Encode(String token) {
		
		byte[] encodedBytes = Base64.encodeBase64(token.getBytes());
		return new String(encodedBytes);
	}

	/**
	 * @param token
	 * @return
	 */
	public static String base64Decode(String token) {
		byte[] decodedBytes = Base64.decodeBase64(token);
	    return new String(decodedBytes);
	}	

}

Please encrypt you password using this class and include in your properties file as below:

database.properties (Don’t forget to change with your database properties)

jdbc.driver=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://localhost:3306/JavaHonk
jdbc.username=root
jdbc.password=YWRtaW4=

That’s it. You could download complete working project below. For information on DBCP please visit Apache DBCP official documentation here

Download Project: ConnectionPoolingDBCPSpring

Encrypt DBCP Datasource Password Spring

Encrypt DBCP Datasource Password Spring

By Techi Works

Related Post

Leave a Reply Cancel reply

You Missed

Mizuho Fixed Income Team Lead position Interview coding round questions

BNS Paribas Senior java Developer interview questions

Scalability in Apache Kafka Horizontal Scaling Explained

High Throughput Apache Kafka Handle High-Velocity Data Streams