软件版本信息
<dependency><groupId>org.apache.shardingsphere</groupId><artifactId>sharding-jdbc-spring-boot-starter</artifactId><version>4.1.1</version>
</dependency>
问题描述
整合SpringBoot框架的时候,做了主从读写分离,脱敏配置一直无效。其实我们项目是先使用了读写分离,还使用了Mybatis-plus,所以影响因素很多的。发现问题后,自己先搞了一个简单的demo,去掉Mybatis-plus和读写分离,发现脱敏是有用的。加上读写分离就失效了。所以应该是读写分离脱敏配置失效导致的。最后分析源码,找原因。
原因分析
通过源码分析,知道shardingsphere在注入配置信息的核心类是org.apache.shardingsphere.shardingjdbc.spring.boot.SpringBootConfiguration
代码如下:
@Configuration
@ComponentScan("org.apache.shardingsphere.spring.boot.converter")
@EnableConfigurationProperties({SpringBootShardingRuleConfigurationProperties.class,SpringBootMasterSlaveRuleConfigurationProperties.class, SpringBootEncryptRuleConfigurationProperties.class,SpringBootPropertiesConfigurationProperties.class, SpringBootShadowRuleConfigurationProperties.class})
@ConditionalOnProperty(prefix = "spring.shardingsphere", name = "enabled", havingValue = "true", matchIfMissing = true)
@AutoConfigureBefore(DataSourceAutoConfiguration.class)
@RequiredArgsConstructor
public class SpringBootConfiguration implements EnvironmentAware {private final SpringBootShardingRuleConfigurationProperties shardingRule;private final SpringBootMasterSlaveRuleConfigurationProperties masterSlaveRule;private final SpringBootEncryptRuleConfigurationProperties encryptRule;private final SpringBootShadowRuleConfigurationProperties shadowRule;private final SpringBootPropertiesConfigurationProperties props;private final Map<String, DataSource> dataSourceMap = new LinkedHashMap<>();private final String jndiName = "jndi-name";/*** Get sharding data source bean.** @return data source bean* @throws SQLException SQL exception*/@Bean@Conditional(ShardingRuleCondition.class)public DataSource shardingDataSource() throws SQLException {return ShardingDataSourceFactory.createDataSource(dataSourceMap, new ShardingRuleConfigurationYamlSwapper().swap(shardingRule), props.getProps());}/*** Get master-slave data source bean.** @return data source bean* @throws SQLException SQL exception*/@Bean@Conditional(MasterSlaveRuleCondition.class)public DataSource masterSlaveDataSource() throws SQLException {return MasterSlaveDataSourceFactory.createDataSource(dataSourceMap, new MasterSlaveRuleConfigurationYamlSwapper().swap(masterSlaveRule), props.getProps());}/*** Get encrypt data source bean.** @return data source bean* @throws SQLException SQL exception*/@Bean@Conditional(EncryptRuleCondition.class)public DataSource encryptDataSource() throws SQLException {return EncryptDataSourceFactory.createDataSource(dataSourceMap.values().iterator().next(), new EncryptRuleConfigurationYamlSwapper().swap(encryptRule), props.getProps());}/*** Get shadow data source bean.** @return data source bean* @throws SQLException SQL exception*/@Bean@Conditional(ShadowRuleCondition.class)public DataSource shadowDataSource() throws SQLException {return ShadowDataSourceFactory.createDataSource(dataSourceMap, new ShadowRuleConfigurationYamlSwapper().swap(shadowRule), props.getProps());}
}
从源码中会发现shardingsphere会根据配置不同注入不同的DataSource
,其中DataSource有如下几种:
- ShardingDataSource:分片的数据源;
- MasterSlaveDataSource:主从读写分离的数据源;
- EncryptDataSource:数据脱敏的数据源;
- ShadowDataSource:影子表数据源;
接下来咱们分析一下数据源的具体创建过程,因为本文只涉及到主从读写分离和数据脱敏相关,所以只分析这两个数据源的创建过程,其他两个各位大佬有兴趣自己去分析。
ShardingDataSource创建过程
其实创建数据源的过程的代码挺简单的,直接贴源码吧。
package org.apache.shardingsphere.shardingjdbc.api;import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import org.apache.shardingsphere.api.config.masterslave.MasterSlaveRuleConfiguration;
import org.apache.shardingsphere.core.rule.MasterSlaveRule;
import org.apache.shardingsphere.shardingjdbc.jdbc.core.datasource.MasterSlaveDataSource;import javax.sql.DataSource;
import java.sql.SQLException;
import java.util.Map;
import java.util.Properties;/*** Master-slave data source factory.*/
@NoArgsConstructor(access = AccessLevel.PRIVATE)
public final class MasterSlaveDataSourceFactory {/*** Create master-slave data source.** @param dataSourceMap data source map* @param masterSlaveRuleConfig master-slave rule configuration* @param props props* @return master-slave data source* @throws SQLException SQL exception*/public static DataSource createDataSource(final Map<String, DataSource> dataSourceMap, final MasterSlaveRuleConfiguration masterSlaveRuleConfig, final Properties props) throws SQLException {return new MasterSlaveDataSource(dataSourceMap, new MasterSlaveRule(masterSlaveRuleConfig), props);}
}
/** Licensed to the Apache Software Foundation (ASF) under one or more* contributor license agreements. See the NOTICE file distributed with* this work for additional information regarding copyright ownership.* The ASF licenses this file to You under the Apache License, Version 2.0* (the "License"); you may not use this file except in compliance with* the License. You may obtain a copy of the License at** http://www.apache.org/licenses/LICENSE-2.0** Unless required by applicable law or agreed to in writing, software* distributed under the License is distributed on an "AS IS" BASIS,* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.* See the License for the specific language governing permissions and* limitations under the License.*/package org.apache.shardingsphere.shardingjdbc.jdbc.core.datasource;import lombok.Getter;
import org.apache.shardingsphere.core.rule.MasterSlaveRule;
import org.apache.shardingsphere.shardingjdbc.jdbc.adapter.AbstractDataSourceAdapter;
import org.apache.shardingsphere.shardingjdbc.jdbc.core.connection.MasterSlaveConnection;
import org.apache.shardingsphere.shardingjdbc.jdbc.core.context.MasterSlaveRuntimeContext;
import org.apache.shardingsphere.spi.NewInstanceServiceLoader;
import org.apache.shardingsphere.underlying.route.decorator.RouteDecorator;import javax.sql.DataSource;
import java.sql.SQLException;
import java.util.Map;
import java.util.Properties;/*** Master-slave data source.*/
@Getter
public class MasterSlaveDataSource extends AbstractDataSourceAdapter {private final MasterSlaveRuntimeContext runtimeContext;static {NewInstanceServiceLoader.register(RouteDecorator.class);}public MasterSlaveDataSource(final Map<String, DataSource> dataSourceMap, final MasterSlaveRule masterSlaveRule, final Properties props) throws SQLException {super(dataSourceMap);runtimeContext = new MasterSlaveRuntimeContext(dataSourceMap, masterSlaveRule, props, getDatabaseType());}@Overridepublic final MasterSlaveConnection getConnection() {return new MasterSlaveConnection(getDataSourceMap(), runtimeContext);}
}
创建过程非常简单,从创建过程会发现,核心的属性有如下几个:
- dataSourceMap:主从数据源集合;
- masterSlaveRule:主从规则配置;
- props:额外的属性配置;
到这里会发现,主从数据源创建过程根本不会涉及到数据脱敏的配置信息。我又特意看了一下创建Connection和PreparedStatement也一样根本没有涉及到脱敏相关的配置,自然在使用了主从的时候就脱敏配置可能会失效,这里为啥是可能呢?后文再说。
EncryptDataSource创建过程
创建过程也是挺简单的,直接贴代码吧
@Getter
public class EncryptDataSource extends AbstractDataSourceAdapter {private final EncryptRuntimeContext runtimeContext;static {NewInstanceServiceLoader.register(SQLRewriteContextDecorator.class);NewInstanceServiceLoader.register(ResultProcessEngine.class);}public EncryptDataSource(final DataSource dataSource, final EncryptRule encryptRule, final Properties props) throws SQLException {super(dataSource);runtimeContext = new EncryptRuntimeContext(dataSource, encryptRule, props, getDatabaseType());}@Overridepublic final EncryptConnection getConnection() throws SQLException {return new EncryptConnection(getDataSource().getConnection(), runtimeContext);}/*** Get data source.** @return data source*/public DataSource getDataSource() {return getDataSourceMap().values().iterator().next();}
}
这里就不一样了,会发现有脱敏相关配置的关联,即:encryptRule 信息,所以配置单数据源的时候,脱敏配置是可以生效的。
小扩展
第一:遗留一个问题,那做分片的时候,脱敏有效吗?看官大佬,自己去看源码哈。
第二:解答一下,之前说配置了主从分离可能会导致脱敏失效;为什么说可能呢?回到最开始的那个源码类就知道答案了。因为shardingsphere创建数据源的过程中是有条件的,大家可以去看看条件。所以当配置读写分离和脱敏配置的时候,会同时注入两个数据源。所以可能会导致代码中引用错数据源DataSource对象,所以可能会失效。在这里还需要注意一个仔细就是:创建脱敏数据源对象的时候,shardingsphere是取的dataSourceMap的首个对象,是不是觉得代码在走钢丝,配置多个数据源的时候,可能出现莫名其妙的问题。这里只是我的见解哈,因为整个Java生态框架整合的时候,每个框架的具体仔细我不能保证都非常清楚,所以说可能。只是觉得作为框架,应该考虑更多一些,要么抛异常,不能想当然取第一个,这种做法就是我们在工作中做需求的时候的我认为。
数据源创建条件截图如下:
这两个类的实现代码如下:
public final class MasterSlaveRuleCondition extends SpringBootCondition {private static final String MASTER_SLAVE_NAME = "spring.shardingsphere.masterslave.name";@Overridepublic ConditionOutcome getMatchOutcome(final ConditionContext conditionContext, final AnnotatedTypeMetadata annotatedTypeMetadata) {return conditionContext.getEnvironment().containsProperty(MASTER_SLAVE_NAME)? ConditionOutcome.match() : ConditionOutcome.noMatch("Can't find ShardingSphere master-slave rule configuration in environment.");}
}
public final class EncryptRuleCondition extends SpringBootCondition {private static final String ENCRYPT_ENCRYPTORS_PREFIX = "spring.shardingsphere.encrypt.encryptors";private static final String ENCRYPT_TABLES_PREFIX = "spring.shardingsphere.encrypt.tables";@Overridepublic ConditionOutcome getMatchOutcome(final ConditionContext conditionContext, final AnnotatedTypeMetadata annotatedTypeMetadata) {boolean isEncrypt = PropertyUtil.containPropertyPrefix(conditionContext.getEnvironment(), ENCRYPT_ENCRYPTORS_PREFIX) && PropertyUtil.containPropertyPrefix(conditionContext.getEnvironment(), ENCRYPT_TABLES_PREFIX);return isEncrypt ? ConditionOutcome.match() : ConditionOutcome.noMatch("Can't find ShardingSphere encrypt rule configuration in environment.");}
}
通过条件源码会发现,条件重合是会发生的。
解决方案
知道原因了,就好解决了。初步的思路,在创建MasterSlaveDataSource对象的时候,给每个实际的数据源再套一层EncryptDataSource数据源,就应该可以解决问题。到这里就可以借助Spring给我们扩展点了,我使用的对象创建的前置方法代码如下:
@EnableConfigurationProperties(SpringBootCustomEncryptRuleConfigurationProperties.class)
@Configuration
@RequiredArgsConstructor
public class MasterSlaveEncryptDataSourceConfig implements BeanPostProcessor {private final SpringBootCustomEncryptRuleConfigurationProperties encryptRule;private final SpringBootPropertiesConfigurationProperties props;@Overridepublic Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {if (bean instanceof MasterSlaveDataSource dataSource) {Map<String, DataSource> dataSourceMap = dataSource.getDataSourceMap();Map<String, DataSource> encryptDataSourceMap = new HashMap<>();dataSourceMap.forEach((k, v) -> {try {encryptDataSourceMap.put(k, EncryptDataSourceFactory.createDataSource(dataSourceMap.values().iterator().next(), new EncryptRuleConfigurationYamlSwapper().swap(encryptRule), props.getProps()));} catch (SQLException e) {e.printStackTrace();}});dataSource.getDataSourceMap().putAll(encryptDataSourceMap);return dataSource;} else {return bean;}}
}
@ConfigurationProperties(prefix = "spring.shardingsphere.custom-encrypt")
public class SpringBootCustomEncryptRuleConfigurationProperties extends YamlEncryptRuleConfiguration {}
有人可能会好奇哦,为啥需要后面这个类呢,仔细思考一下就知道了,如果使用了shardingsphere自带的脱敏配置类SpringBootEncryptRuleConfigurationProperties那就会创建一个EncryptDataSource数据源对象了,之前说过,注入多个数据源对象,可能会有副作用,所以自己搞一个脱敏配置类,配置信息也和自带分离,这样就不会注入自带的EncryptDataSource数据源对象了。
最后自己验证结果是没有问题的。
总结
从源码中,可以学习到如何如下:
- 学习了
@Conditional
注解一种用法和使用场景; - 使用了工厂设计模式,可以借鉴使用场景和思路;
- 使用了装饰模式,使用场景加强一个类的功能;原生
DataSource
===>EncryptDataSource
===>MasterSlaveDataSource
; - 使用Spring框架的高级扩展点,去完成我们实际的开发任务。