1. 環境
maven: 3.3.9
jdk: 1.8
springboot: 2.1.6.RELEASE
ShardingSphere: 4.0.0-RC3
2. maven引入jar
<dependency> <groupId>org.apache.shardingsphere</groupId> <artifactId>sharding-jdbc-spring-boot-starter</artifactId> <version>4.0.0-RC3</version> </dependency>
3. 數據脫敏配置
spring.shardingsphere.encrypt.encryptors.encryptor_aes.type=aes spring.shardingsphere.encrypt.encryptors.encryptor_aes.props.aes.key.value=123456 spring.shardingsphere.encrypt.tables.app_auth_register.columns.user_id.plainColumn=app_id spring.shardingsphere.encrypt.tables.app_auth_register.columns.user_id.cipherColumn=client_id #spring.shardingsphere.encrypt.tables.book_shelf.columns.user_id.assistedQueryColumn=user_assisted spring.shardingsphere.encrypt.tables.app_auth_register.columns.user_id.encryptor=encryptor_aes
說明:
邏輯字段爲user_id, 映射到表中的兩個字段明文app_id和密文client_id
注意:
mybatis中的sql都是以邏輯字段的形式
而且邏輯字段會被ShardingSphere框架給統一變爲小寫字母,所以若邏輯字段爲駝峯格式,會失敗
4. 測試類
@Test public void testQueryApp() { AppAuthRegisterExample example = new AppAuthRegisterExample(); example.createCriteria().andUserIdEqualTo("33"); List<AppAuthRegister> appAuthRegisters = appAuthRegisterDAO.selectByExample(example); System.out.println(appAuthRegisters); }
說明: 查詢的話,入參爲邏輯字段user_id, 實際sql爲使用加密後的字符串進行查詢,而且不會展示明文字段和密文字段,只會展示其他字段
[2019-12-23 18:12:07 INFO org.apache.shardingsphere.core.route.SQLLogger:log] - Rule Type: encrypt
[2019-12-23 18:12:07 INFO org.apache.shardingsphere.core.route.SQLLogger:log] - SQL: select
id, client_id,
url, create_time, update_time
from app_auth_register
WHERE ( client_id = ? )