新增kafka用户名密码加密 TSG-8835

author: qidaijie <[email protected]> 2022-03-16 16:55:18 +0800
committer: qidaijie <[email protected]> 2022-03-16 16:55:18 +0800
commit: a8195cd3e23deb779258e70f95f203259b020d31 (patch)
tree: 15748f123501462d532460a7b64d66b393dae0d2
parent: 1c8d34e39d6067c1bf93a50bba0d60b80007846b (diff)
5 files changed, 30 insertions, 21 deletions
diff --git a/pom.xml b/pom.xml
index 8eb11e6..01b279d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
 
     <groupId>com.zdjizhi</groupId>
     <artifactId>radius-account-knowledge</artifactId>
-    <version>220309-jackson</version>
+    <version>220316-encryption</version>
 
     <name>radius-account-knowledge</name>
     <url>http://www.example.com</url>
@@ -210,6 +210,13 @@
             <scope>test</scope>
         </dependency>
 
+        <!-- https://mvnrepository.com/artifact/org.jasypt/jasypt -->
+        <dependency>
+            <groupId>org.jasypt</groupId>
+            <artifactId>jasypt</artifactId>
+            <version>1.9.3</version>
+        </dependency>
+
     </dependencies>
 </project>
 
diff --git a/properties/default_config.properties b/properties/default_config.properties
index 39c2834..f25c22e 100644
--- a/properties/default_config.properties
+++ b/properties/default_config.properties
@@ -28,8 +28,8 @@ buffer.memory=134217728
 #10M
 max.request.size=10485760
 #====================kafka default====================#
-#kafka SASL��֤�û���
-kafka.user=admin
+#kafka SASL��֤�û���-����
+kafka.user=nsyGpHKGFA4KW0zro9MDdw==
 
-#kafka SASL��SSL��֤����
-kafka.pin=galaxy2019
-\ No newline at end of file
+#kafka SASL��SSL��֤����-����
+kafka.pin=6MleDyA3Z73HSaXiKsDJ2k7Ys8YWLhEJ
+\ No newline at end of file
diff --git a/properties/service_flow_config.properties b/properties/service_flow_config.properties
index dfd5043..4beb64a 100644
--- a/properties/service_flow_config.properties
+++ b/properties/service_flow_config.properties
@@ -1,15 +1,15 @@
 #--------------------------------地址配置------------------------------#
 
 #管理kafka地址
-source.kafka.servers=10.233.12.4:9094
+source.kafka.servers=192.168.44.12:9094
 
 #管理输出kafka地址
-sink.kafka.servers=10.224.11.14:9095,10.224.11.15:9095,10.224.11.16:9095,10.224.11.17:9095,10.224.11.18:9095,10.224.11.19:9095,10.224.11.20:9095,10.224.11.21:9095,10.224.11.22:9095,10.224.11.23:9095
+sink.kafka.servers=192.168.44.12:9094
 
 #--------------------------------Kafka消费组信息------------------------------#
 
 #kafka 接收数据topic
-source.kafka.topic=RADIUS-RECORD
+source.kafka.topic=test
 
 #补全数据 输出 topic
 sink.kafka.topic=RADIUS-ONFF
@@ -25,4 +25,4 @@ producer.ack=1
 
 #--------------------------------topology配置------------------------------#
 #定位库地址
-tools.library=D:\\workerspace\\dat
-\ No newline at end of file
+tools.library=D:\\workerspace\\dat\\
+\ No newline at end of file
diff --git a/src/main/java/com/zdjizhi/common/RadiusKnowledgeConfig.java b/src/main/java/com/zdjizhi/common/RadiusKnowledgeConfig.java
index 43d2a9d..cb9ead3 100644
--- a/src/main/java/com/zdjizhi/common/RadiusKnowledgeConfig.java
+++ b/src/main/java/com/zdjizhi/common/RadiusKnowledgeConfig.java
@@ -2,11 +2,19 @@ package com.zdjizhi.common;
 
 
 import com.zdjizhi.utils.system.RadiusKnowledgeConfigurations;
+import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
 
 /**
  * @author Administrator
  */
 public class RadiusKnowledgeConfig {
+
+    private static StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
+
+    static {
+        encryptor.setPassword("galaxy");
+    }
+
     /**
      * 4- Accounting-Request(账户授权)
      */
@@ -49,10 +57,6 @@ public class RadiusKnowledgeConfig {
 
 
     /**
-     * System
-     */
-
-    /**
      * kafka
      */
     public static final String SOURCE_KAFKA_SERVERS = RadiusKnowledgeConfigurations.getStringProperty(0, "source.kafka.servers");
@@ -73,10 +77,8 @@ public class RadiusKnowledgeConfig {
     public static final Integer BUFFER_MEMORY = RadiusKnowledgeConfigurations.getIntProperty(1, "buffer.memory");
     public static final Integer MAX_REQUEST_SIZE = RadiusKnowledgeConfigurations.getIntProperty(1, "max.request.size");
     public static final String TOOLS_LIBRARY = RadiusKnowledgeConfigurations.getStringProperty(0, "tools.library");
-    public static final String KAFKA_SOURCE_PROTOCOL = RadiusKnowledgeConfigurations.getStringProperty(1, "kafka.source.protocol");
-    public static final String KAFKA_SINK_PROTOCOL = RadiusKnowledgeConfigurations.getStringProperty(1, "kafka.sink.protocol");
-    public static final String KAFKA_USER = RadiusKnowledgeConfigurations.getStringProperty(1, "kafka.user");
-    public static final String KAFKA_PIN = RadiusKnowledgeConfigurations.getStringProperty(1, "kafka.pin");
+    public static final String KAFKA_SASL_JAAS_USER = encryptor.decrypt(RadiusKnowledgeConfigurations.getStringProperty(1, "kafka.user"));
+    public static final String KAFKA_SASL_JAAS_PIN = encryptor.decrypt(RadiusKnowledgeConfigurations.getStringProperty(1, "kafka.pin"));
 
     /**
      * kafka source config
diff --git a/src/main/java/com/zdjizhi/utils/kafka/CertUtils.java b/src/main/java/com/zdjizhi/utils/kafka/CertUtils.java
index a5bce21..88bc377 100644
--- a/src/main/java/com/zdjizhi/utils/kafka/CertUtils.java
+++ b/src/main/java/com/zdjizhi/utils/kafka/CertUtils.java
@@ -33,15 +33,15 @@ class CertUtils {
             properties.put("security.protocol", "SASL_PLAINTEXT");
             properties.put("sasl.mechanism", "PLAIN");
             properties.put("sasl.jaas.config", "org.apache.kafka.common.security.plain.PlainLoginModule required username="
-                    + RadiusKnowledgeConfig.KAFKA_USER + " password=" + RadiusKnowledgeConfig.KAFKA_PIN + ";");
+                    + RadiusKnowledgeConfig.KAFKA_SASL_JAAS_USER + " password=" + RadiusKnowledgeConfig.KAFKA_SASL_JAAS_PIN + ";");
         } else if (servers.contains(SSL_PORT)) {
             properties.put("security.protocol", "SSL");
             properties.put(SslConfigs.SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG, "");
             properties.put("ssl.keystore.location", RadiusKnowledgeConfig.TOOLS_LIBRARY + "keystore.jks");
-            properties.put("ssl.keystore.password", RadiusKnowledgeConfig.KAFKA_PIN);
+            properties.put("ssl.keystore.password", RadiusKnowledgeConfig.KAFKA_SASL_JAAS_PIN);
             properties.put("ssl.truststore.location", RadiusKnowledgeConfig.TOOLS_LIBRARY + "truststore.jks");
-            properties.put("ssl.truststore.password", RadiusKnowledgeConfig.KAFKA_PIN);
-            properties.put("ssl.key.password", RadiusKnowledgeConfig.KAFKA_PIN);
+            properties.put("ssl.truststore.password", RadiusKnowledgeConfig.KAFKA_SASL_JAAS_PIN);
+            properties.put("ssl.key.password", RadiusKnowledgeConfig.KAFKA_SASL_JAAS_PIN);
         }
 
     }
author	qidaijie <[email protected]>	2022-03-16 16:55:18 +0800
committer	qidaijie <[email protected]>	2022-03-16 16:55:18 +0800
commit	a8195cd3e23deb779258e70f95f203259b020d31 (patch)
tree	15748f123501462d532460a7b64d66b393dae0d2
parent	1c8d34e39d6067c1bf93a50bba0d60b80007846b (diff)