Project Introduction
Log desensitization is a common security requirement. The usual approach, based on utility classes, is too invasive to the code and particularly troublesome to write.
This project provides an annotation-based approach, with common desensitization strategies built in, to make development easier.
Features
- Annotation-based log desensitization.
- You can customize the strategy implementation and the condition under which a strategy takes effect.
- Common desensitization strategies are built in.
- Java deep copy; the original object does not need to implement any interface.
- It supports user-defined annotations.
Custom annotation
Maven import
<dependency>
    <groupId>com.github.houbb</groupId>
    <artifactId>sensitive</artifactId>
    <version>0.0.4</version>
</dependency>
Custom annotation
New in v0.0.4: custom condition annotations and custom strategy annotations are supported.
Example
Custom annotation
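- Desensitization strategy
import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Inherited;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

/**
 * Custom password desensitization strategy
 * @author binbin.hou
 * date 2019/1/17
 * @since 0.0.4
 */
@Inherited
@Documented
@Target(ElementType.FIELD)
@Retention(RetentionPolicy.RUNTIME)
@SensitiveStrategy(CustomPasswordStrategy.class)
public @interface SensitiveCustomPasswordStrategy {
}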
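- Condition under which desensitization takes effect
import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Inherited;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

/**
 * Condition under which the custom password desensitization strategy takes effect
 * @author binbin.hou
 * date 2019/1/17
 * @since 0.0.4
 */
@Inherited
@Documented
@Target(ElementType.FIELD)
@Retention(RetentionPolicy.RUNTIME)
@SensitiveCondition(ConditionFooPassword.class)
public @interface SensitiveCustomPasswordCondition {
}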
- TIPS
When @SensitiveStrategy is used alone, the strategy takes effect by default.
If a @SensitiveCondition annotation is also present, the desensitization strategy is executed only when the condition is met.
@SensitiveCondition only takes effect for the system's built-in annotations and for custom annotations, because @Sensitive has its own way of specifying when a strategy takes effect.
- Policy Priority
@Sensitive takes effect first, then the system's built-in annotations, and finally user-defined annotations.
Corresponding implementation
The two meta-annotations @SensitiveStrategy and @SensitiveCondition specify the corresponding implementation classes.
- CustomPasswordStrategy.java
public class CustomPasswordStrategy implements IStrategy {

    @Override
    public Object des(Object original, IContext context) {
        // Fixed-length mask: the output does not depend on the original value or its length.
        return "**********************";
    }

}
- ConditionFooPassword.java
import java.lang.reflect.Field;

/**
 * Do not desensitize passwords that are 123456
 * @author binbin.hou
 * date 2019/1/2
 * @since 0.0.1
 */
public class ConditionFooPassword implements ICondition {

    @Override
    public boolean valid(IContext context) {
        try {
            // Read the current field's value from the object being processed.
            Field field = context.getCurrentField();
            final Object currentObj = context.getCurrentObject();
            final String name = (String) field.get(currentObj);
            // The strategy applies to every value except "123456".
            return !name.equals("123456");
        } catch (IllegalAccessException e) {
            throw new RuntimeException(e);
        }
    }

}
Defining the test object
Define an object that uses the custom annotations.
public class CustomPasswordModel {

    @SensitiveCustomPasswordCondition
    @SensitiveCustomPasswordStrategy
    private String password;

    @SensitiveCustomPasswordCondition
    @SensitiveStrategyPassword
    private String fooPassword;

    // other methods
}
Test
/**
 * Custom annotation test
 */
@Test
public void customAnnotationTest() {
    final String originalStr = "CustomPasswordModel{password='hello', fooPassword='123456'}";
    final String sensitiveStr = "CustomPasswordModel{password='**********************', fooPassword='123456'}";

    CustomPasswordModel model = buildCustomPasswordModel();
    Assert.assertEquals(originalStr, model.toString());

    // desCopy returns a desensitized copy; the original object is left unchanged.
    CustomPasswordModel sensitive = SensitiveUtil.desCopy(model);
    Assert.assertEquals(sensitiveStr, sensitive.toString());
    Assert.assertEquals(originalStr, model.toString());
}
The object is constructed as follows:
/**
 * Build the custom password object
 * @return the object
 */
private CustomPasswordModel buildCustomPasswordModel() {
    CustomPasswordModel model = new CustomPasswordModel();
    model.setPassword("hello");
    model.setFooPassword("123456");
    return model;
}
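How a field-level annotation can carry its strategy and condition through meta-annotations, as described in the TIPS above, shown as an added JDK-only sketch (not the sensitive project's code). The names Strategy, Condition, MaskPassword, UnlessDefault, Stars, NotDefault and Model are hypothetical stand-ins; the @Sensitive priority rule and the deep copy are not modelled.

```java
import java.lang.annotation.*;
import java.lang.reflect.Field;
import java.util.function.*;

public class MetaAnnotationMaskDemo {
    // Hypothetical stand-ins for the meta-annotations; they sit on annotations, not fields.
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.ANNOTATION_TYPE)
    @interface Strategy { Class<? extends UnaryOperator<Object>> value(); }
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.ANNOTATION_TYPE)
    @interface Condition { Class<? extends Predicate<Object>> value(); }

    public static class Stars implements UnaryOperator<Object> {
        public Object apply(Object value) { return "******"; }
    }
    public static class NotDefault implements Predicate<Object> {
        public boolean test(Object value) { return !"123456".equals(value); }
    }
    // Field-level annotations that only point at an implementation class.
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.FIELD) @Strategy(Stars.class)
    @interface MaskPassword {}
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.FIELD) @Condition(NotDefault.class)
    @interface UnlessDefault {}

    static class Model { // constructed sample data
        @UnlessDefault @MaskPassword String password = "hello";
        @UnlessDefault @MaskPassword String fooPassword = "123456";
        String user = "alice";
    }

    // Value to log for one field: masked only when a strategy is present and
    // every condition found on the field's annotations holds.
    static Object maskedValue(Object target, Field field) throws Exception {
        field.setAccessible(true);
        Object value = field.get(target);
        UnaryOperator<Object> strategy = null;
        boolean allowed = true;
        for (Annotation a : field.getAnnotations()) {
            Strategy s = a.annotationType().getAnnotation(Strategy.class);
            Condition c = a.annotationType().getAnnotation(Condition.class);
            if (s != null) strategy = s.value().getDeclaredConstructor().newInstance();
            if (c != null) allowed &= c.value().getDeclaredConstructor().newInstance().test(value);
        }
        return (strategy != null && allowed) ? strategy.apply(value) : value;
    }

    public static void main(String[] args) throws Exception {
        Model m = new Model();
        for (Field f : Model.class.getDeclaredFields())
            System.out.println(f.getName() + " = " + maskedValue(m, f));
    }
}
```

A condition that evaluates to false leaves the raw value in the output, so a condition should be kept as narrow as the 123456 check above.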