1. 环境
maven: 3.3.9
jdk: 1.8
springboot: 2.1.6.RELEASE
ShardingSphere: 4.0.0-RC3
2. maven引入jar
<dependency> <groupId>org.apache.shardingsphere</groupId> <artifactId>sharding-jdbc-spring-boot-starter</artifactId> <version>4.0.0-RC3</version> </dependency>
3. 数据脱敏配置
spring.shardingsphere.encrypt.encryptors.encryptor_aes.type=aes spring.shardingsphere.encrypt.encryptors.encryptor_aes.props.aes.key.value=123456 spring.shardingsphere.encrypt.tables.app_auth_register.columns.user_id.plainColumn=app_id spring.shardingsphere.encrypt.tables.app_auth_register.columns.user_id.cipherColumn=client_id #spring.shardingsphere.encrypt.tables.book_shelf.columns.user_id.assistedQueryColumn=user_assisted spring.shardingsphere.encrypt.tables.app_auth_register.columns.user_id.encryptor=encryptor_aes
说明:
逻辑字段为user_id, 映射到表中的两个字段明文app_id和密文client_id
注意:
mybatis中的sql都是以逻辑字段的形式
而且逻辑字段会被ShardingSphere框架给统一变为小写字母,所以若逻辑字段为驼峰格式,会失败
4. 测试类
@Test public void testQueryApp() { AppAuthRegisterExample example = new AppAuthRegisterExample(); example.createCriteria().andUserIdEqualTo("33"); List<AppAuthRegister> appAuthRegisters = appAuthRegisterDAO.selectByExample(example); System.out.println(appAuthRegisters); }
说明: 查询的话,入参为逻辑字段user_id, 实际sql为使用加密后的字符串进行查询,而且不会展示明文字段和密文字段,只会展示其他字段
[2019-12-23 18:12:07 INFO org.apache.shardingsphere.core.route.SQLLogger:log] - Rule Type: encrypt
[2019-12-23 18:12:07 INFO org.apache.shardingsphere.core.route.SQLLogger:log] - SQL: select
id, client_id,
url, create_time, update_time
from app_auth_register
WHERE ( client_id = ? )