Data Masking

Background

The data masking Java API rule configuration allows users to directly create ShardingSphereDataSource objects by writing java code. The Java API configuration method is very flexible and can integrate various types of business systems without relying on additional jar packages.

Parameters

Root Configuration

Class name: org.apache.shardingsphere.mask.api.config.MaskRuleConfiguration

Attributes:

NameDataTypeDescriptionDefault Value
tables (+)Collection<MaskTableRuleConfiguration>Mask table rule configurations
maskAlgorithms (+)Map<String, AlgorithmConfiguration>Mask algorithm name and configurations

Mask Table Rule Configuration

Class name: org.apache.shardingsphere.mask.api.config.rule.MaskTableRuleConfiguration

Attributes:

NameDataTypeDescription
nameStringTable name
columns (+)Collection<MaskColumnRuleConfiguration>Mask column rule configurations

Mask Column Rule Configuration

Class name: org.apache.shardingsphere.mask.api.config.rule.MaskColumnRuleConfiguration

Attributes:

NameDataTypeDescription
logicColumnStringLogic column name
maskAlgorithmStringMask algorithm name

Mask Algorithm Configuration

Class name: org.apache.shardingsphere.infra.config.algorithm.AlgorithmConfiguration

Attributes:

NameDataTypeDescription
nameStringMask algorithm name
typeStringMask algorithm type
propertiesPropertiesMask algorithm properties

Please refer to Built-in Data Masking Algorithm List for more details about type of algorithm.

Procedure

  1. Create a real data source mapping relationship, where key is the logical name of the data source and value is the datasource object.
  2. Create the data masking rule object MaskRuleConfiguration, and initialize the mask table object MaskTableRuleConfiguration, mask algorithm and other parameters in the object.
  3. Call createDataSource of ShardingSphereDataSourceFactory to create ShardingSphereDataSource.

Sample

  1. import java.util.Collections;
  2. import java.util.LinkedHashMap;
  3. import java.util.Properties;
  4. public final class MaskDatabasesConfiguration {
  5. @Override
  6. public DataSource getDataSource() throws SQLException {
  7. MaskColumnRuleConfiguration passwordColumn = new MaskColumnRuleConfiguration("password", "md5_mask");
  8. MaskColumnRuleConfiguration emailColumn = new MaskColumnRuleConfiguration("email", "mask_before_special_chars_mask");
  9. MaskColumnRuleConfiguration telephoneColumn = new MaskColumnRuleConfiguration("telephone", "keep_first_n_last_m_mask");
  10. MaskTableRuleConfiguration maskTableRuleConfig = new MaskTableRuleConfiguration("t_user", Arrays.asList(passwordColumn, emailColumn, telephoneColumn));
  11. Map<String, AlgorithmConfiguration> maskAlgorithmConfigs = new LinkedHashMap<>(3, 1);
  12. maskAlgorithmConfigs.put("md5_mask", new AlgorithmConfiguration("MD5", new Properties()));
  13. Properties beforeSpecialCharsProps = new Properties();
  14. beforeSpecialCharsProps.put("special-chars", "@");
  15. beforeSpecialCharsProps.put("replace-char", "*");
  16. maskAlgorithmConfigs.put("mask_before_special_chars_mask", new AlgorithmConfiguration("MASK_BEFORE_SPECIAL_CHARS", beforeSpecialCharsProps));
  17. Properties keepFirstNLastMProps = new Properties();
  18. keepFirstNLastMProps.put("first-n", "3");
  19. keepFirstNLastMProps.put("last-m", "4");
  20. keepFirstNLastMProps.put("replace-char", "*");
  21. maskAlgorithmConfigs.put("keep_first_n_last_m_mask", new AlgorithmConfiguration("KEEP_FIRST_N_LAST_M", keepFirstNLastMProps));
  22. MaskRuleConfiguration maskRuleConfig = new MaskRuleConfiguration(Collections.singleton(maskTableRuleConfig), maskAlgorithmConfigs);
  23. return ShardingSphereDataSourceFactory.createDataSource(DataSourceUtil.createDataSource("demo_ds"), Collections.singleton(maskRuleConfig), new Properties());
  24. }
  25. }