Mastering Druid: Configure Connection Pool, Encrypt Passwords, and Monitor SQL
This guide explains Druid’s key features—including a high‑performance connection pool, SQL monitoring, password encryption, and customizable JDBC filters—and provides step‑by‑step instructions for configuring the pool, creating a custom DruidPasswordCallback, generating RSA keys, encrypting passwords, and integrating the setup into Spring.
Druid Features
1. Replace DBCP and C3P0. Druid provides an efficient, powerful, and scalable database connection pool.
2. Monitor database access performance. Druid includes a StatFilter plugin that records detailed SQL execution metrics, useful for online performance analysis.
3. Database password encryption . Storing passwords in config files is insecure; DruidDriver and DruidDataSource support PasswordCallback.
4. SQL execution logging. Druid offers various LogFilter implementations supporting Common-Logging, Log4j, and JDK logging, allowing you to monitor database access.
5. Extend JDBC. Druid’s Filter mechanism lets you easily write custom JDBC extensions.
1. Configure Druid Connection Pool
Note the following points:
2. Create DruidPasswordCallback Subclass
DBPasswordCallback extends com.alibaba.druid.util.DruidPasswordCallback and overrides the setProperties method, using setPassword(password.toCharArray()) from its parent class.
Code tracing process:
1. Use com.alibaba.druid.filter.config.ConfigTools encryption and decryption methods.
ConfigTools uses default public and private keys; you can generate your own key pair.
2. Use RSA public and private keys to generate a key pair.
Result:
The above is the public key; the below is the private key.
3. Encrypt the plaintext password with the private key.
Result:
Set this encrypted string as the database password.
4. Callback class needed for password parsing.
PasswordCallback resides in the javax.security.auth.callback package; the security service creates a PasswordCallback and passes it to CallbackHandler.handle to obtain the password.
Alternatively, you can implement your own encryption/decryption by replacing the call to ConfigTools.decrypt(PUBLIC_KEY_STRING, pwd) .
3. Store Encrypted Information in jdbc.properties
Note: Ensure the password settings in steps 2 and 3 match; the original password used for encryption/decryption must correspond.
4. Set Custom DruidPasswordCallback
Add the following bean definition to your Spring configuration file:
You can also extend Spring’s PropertyPlaceholderConfigurer; see the example code below:
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Java Backend Technology
Focus on Java-related technologies: SSM, Spring ecosystem, microservices, MySQL, MyCat, clustering, distributed systems, middleware, Linux, networking, multithreading. Occasionally cover DevOps tools like Jenkins, Nexus, Docker, and ELK. Also share technical insights from time to time, committed to Java full-stack development!
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.