Data Masking #
The data masking Java API rule configuration allows users to create objects directly by writing Java code. The Java API configuration method is very flexible and can integrate various types of business systems without dependence on additional jar packages.
Parameter Explanation #
Configuration Entry #
Class name: org.apache.shardingsphere.mask.api.config.MaskRuleConfiguration
configurable properties:
| Name | Data type | Description | Default value |
|---|---|---|---|
| tables (+) | Collection<MaskTableRuleConfiguration> | Mask table rule configuration | |
| maskAlgorithms (+) | Map<String, AlgorithmConfiguration> | Mask algorithm name and configuration |
Mask Table Rule Configuration #
Class name: org.apache.shardingsphere.mask.api.config.rule.MaskTableRuleConfiguration
configurable properties:
| Name | Data type | Description |
|---|---|---|
| name | String | Table name |
| columns (+) | Collection<MaskColumnRuleConfiguration> | Mask column rule configuration list |
Mask Column Rule Configuration #
Class name: org.apache.shardingsphere.mask.api.config.rule.MaskColumnRuleConfiguration
configurable properties:
| Name | Data type | Description |
|---|---|---|
| logicColumn | String | Logic column name |
| maskAlgorithm | String | Mask algorithm name |
Mask Algorithm Configuration #
Class name: org.apache.shardingsphere.infra.config.algorithm.AlgorithmConfiguration
configurable properties:
| Name | Data type | Description |
|---|---|---|
| name | String | Mask algorithm name |
| type | String | Mask algorithm type |
| properties | Properties | Mask algorithm properties configuration |
For details of shadow algorithm types, please refer to Built-in mask algorithm list.
Operation Steps #
Create a real data source mapping relationship, the key is the logical data source name, and the value is the DataSource object;
Create mask rule object MaskRuleConfiguration, And initialize the masking table object MaskTableRuleConfiguration, masking algorithm and other parameters in the object;
Configuration Example #
copyimport java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Properties;
public final class MaskDatabasesConfiguration implements ExampleConfiguration {
@Override
public DataSource getDataSource() {
MaskColumnRuleConfiguration passwordColumn = new MaskColumnRuleConfiguration("password", "md5_mask");
MaskColumnRuleConfiguration emailColumn = new MaskColumnRuleConfiguration("email", "mask_before_special_chars_mask");
MaskColumnRuleConfiguration telephoneColumn = new MaskColumnRuleConfiguration("telephone", "keep_first_n_last_m_mask");
MaskTableRuleConfiguration maskTableRuleConfig = new MaskTableRuleConfiguration("t_user", Arrays.asList(passwordColumn, emailColumn, telephoneColumn));
Map<String, AlgorithmConfiguration> maskAlgorithmConfigs = new LinkedHashMap<>(3, 1);
maskAlgorithmConfigs.put("md5_mask", new AlgorithmConfiguration("MD5", new Properties()));
Properties beforeSpecialCharsProps = new Properties();
beforeSpecialCharsProps.put("special-chars", "@");
beforeSpecialCharsProps.put("replace-char", "*");
maskAlgorithmConfigs.put("mask_before_special_chars_mask", new AlgorithmConfiguration("MASK_BEFORE_SPECIAL_CHARS", beforeSpecialCharsProps));
Properties keepFirstNLastMProps = new Properties();
keepFirstNLastMProps.put("first-n", "3");
keepFirstNLastMProps.put("last-m", "4");
keepFirstNLastMProps.put("replace-char", "*");
maskAlgorithmConfigs.put("keep_first_n_last_m_mask", new AlgorithmConfiguration("KEEP_FIRST_N_LAST_M", keepFirstNLastMProps));
MaskRuleConfiguration maskRuleConfig = new MaskRuleConfiguration(Collections.singleton(maskTableRuleConfig), maskAlgorithmConfigs);
try {
return ShardingSphereDataSourceFactory.createDataSource(DataSourceUtil.createDataSource("demo_ds"), Collections.singleton(maskRuleConfig), new Properties());
} catch (final SQLException ex) {
ex.printStackTrace();
return null;
}
}
}