数据脱敏

背景信息

数据脱敏 Java API 规则配置允许用户直接通过编写 Java 代码的方式,完成 ShardingSphereDataSource 对象的创建,Java API 的配置方式非常灵活,不需要依赖额外的 jar 包 就能够集成各种类型的业务系统。

参数解释

配置入口

类名称:org.apache.shardingsphere.mask.api.config.MaskRuleConfiguration

可配置属性:

名称数据类型说明默认值
tables (+)Collection<MaskTableRuleConfiguration>脱敏表规则配置
maskAlgorithms (+)Map<String, AlgorithmConfiguration>脱敏算法名称和配置

脱敏表规则配置

类名称:org.apache.shardingsphere.mask.api.config.rule.MaskTableRuleConfiguration

可配置属性:

名称数据类型说明
nameString表名称
columns (+)Collection<MaskColumnRuleConfiguration>脱敏列规则配置列表

脱敏列规则配置

类名称:org.apache.shardingsphere.mask.api.config.rule.MaskColumnRuleConfiguration

可配置属性:

名称数据类型说明
logicColumnString逻辑列名称
maskAlgorithmString脱敏算法名称

加解密算法配置

类名称:org.apache.shardingsphere.infra.config.algorithm.AlgorithmConfiguration

可配置属性:

名称数据类型说明
nameString脱敏算法名称
typeString脱敏算法类型
propertiesProperties脱敏算法属性配置

算法类型的详情,请参见内置脱敏算法列表

操作步骤

  1. 创建真实数据源映射关系,key 为数据源逻辑名称,value 为 DataSource 对象;
  2. 创建脱敏规则对象 MaskRuleConfiguration,并初始化对象中的脱敏表对象 MaskTableRuleConfiguration、脱敏算法等参数;
  3. 调用 ShardingSphereDataSourceFactory 对象的 createDataSource 方法,创建 ShardingSphereDataSource。

配置示例

  1. import java.util.Collections;
  2. import java.util.LinkedHashMap;
  3. import java.util.Properties;
  5. public final class MaskDatabasesConfiguration implements ExampleConfiguration {
  7.     @Override
  8.     public DataSource getDataSource() {
  9.         MaskColumnRuleConfiguration passwordColumn = new MaskColumnRuleConfiguration("password", "md5_mask");
  10.         MaskColumnRuleConfiguration emailColumn = new MaskColumnRuleConfiguration("email", "mask_before_special_chars_mask");
  11.         MaskColumnRuleConfiguration telephoneColumn = new MaskColumnRuleConfiguration("telephone", "keep_first_n_last_m_mask");
  12.         MaskTableRuleConfiguration maskTableRuleConfig = new MaskTableRuleConfiguration("t_user", Arrays.asList(passwordColumn, emailColumn, telephoneColumn));
  13.         Map<String, AlgorithmConfiguration> maskAlgorithmConfigs = new LinkedHashMap<>(3, 1);
  14.         maskAlgorithmConfigs.put("md5_mask", new AlgorithmConfiguration("MD5", new Properties()));
  15.         Properties beforeSpecialCharsProps = new Properties();
  16.         beforeSpecialCharsProps.put("special-chars", "@");
  17.         beforeSpecialCharsProps.put("replace-char", "*");
  18.         maskAlgorithmConfigs.put("mask_before_special_chars_mask", new AlgorithmConfiguration("MASK_BEFORE_SPECIAL_CHARS", beforeSpecialCharsProps));
  19.         Properties keepFirstNLastMProps = new Properties();
  20.         keepFirstNLastMProps.put("first-n", "3");
  21.         keepFirstNLastMProps.put("last-m", "4");
  22.         keepFirstNLastMProps.put("replace-char", "*");
  23.         maskAlgorithmConfigs.put("keep_first_n_last_m_mask", new AlgorithmConfiguration("KEEP_FIRST_N_LAST_M", keepFirstNLastMProps));
  24.         MaskRuleConfiguration maskRuleConfig = new MaskRuleConfiguration(Collections.singleton(maskTableRuleConfig), maskAlgorithmConfigs);
  25.         try {
  26.             return ShardingSphereDataSourceFactory.createDataSource(DataSourceUtil.createDataSource("demo_ds"), Collections.singleton(maskRuleConfig), new Properties());
  27.         } catch (final SQLException ex) {
  28.             ex.printStackTrace();
  29.             return null;
  30.         }
  31.     }
  32. }

相关参考