在工作中, 我遇到了这样一个应用场景. 调用ant时传的属性参数中有连接数据库的密码, 在log中会显示出来, 如果将密码加密, 那么又会报数据库端的验证错误, 说不认这个经过加密的密码. 怎么办, 有两种方法, 一个是用java写自定义的ant task来解密传给ant script的密码. 然后用明文密码来连接数据库. 写java的缺点在于每次都要事先编译好这个ant task. 还有一种方法是在ant script写一个javascript task. 当然javascript可以调用java的解密函数, 这样不用每次运行ant script前都编译task. 具体脚本如下:
<project name="sfamx.cleanupdb" default="cleanup.db.logging">
<dirname property="sfamx.ddl.dir" file="${ant.file.sfamx.ddl.build}"/>
<target name="cleanupall" depends="replace.db.password, cleanup.db.logging"/>
<path id="jdbc.classpath">
<fileset dir="${db.driver.path}" includes="*.jar"/>
</path>
<property name="plaintext.password" value="${plainText}"/>
<target name="replace.db.password">
<script language="javascript">
<classpath>
<!-- for xxx 3.2 -->
<pathelement location="${tibco.home}/components/shared/1.0.0/plugins/com.tibco.security.tibcrypt_2.15.0.009.jar"/>
<pathelement location="${tibco.home}/components/shared/1.0.0/plugins/com.tibco.tpcl.org.slf4j.log4j12_1.6.200.001/slf4j-log4j12-1.5.2.jar"/>
<pathelement location="${tibco.home}/components/shared/1.0.0/plugins/com.tibco.tpcl.org.slf4j.log4j12_1.6.200.001/slf4j-api-1.5.2.jar"/>
<pathelement location="${tibco.home}/components/shared/1.0.0/plugins/com.tibco.tpcl.org.apache.log4j_1.2.400.002/log4j-1.2.15.jar"/>
<!-- for xxx 3.1.5 -->
<pathelement location="${tibco.home}/components/shared/1.0.0/plugins/com.tibco.security.tibcrypt_2.14.300.006.jar"/>
<pathelement location="${tibco.home}/components/shared/1.0.0/plugins/com.tibco.tpcl.org.slf4j.log4j12_1.5.101.001/slf4j-log4j12-1.5.2.jar"/>
<pathelement location="${tibco.home}/components/shared/1.0.0/plugins/com.tibco.tpcl.org.slf4j.log4j12_1.5.101.001/slf4j-api-1.5.2.jar"/>
<pathelement location="${tibco.home}/components/shared/1.0.0/plugins/com.tibco.tpcl.org.apache.log4j_1.2.300.004/log4j-1.2.15.jar"/>
</classpath>
<![CDATA[
importPackage(com.tibco.security);
var encryptedPassword = project.getProperty("admin.db.password");
var decryptedPassword = ObfuscationEngine.decrypt(encryptedPassword);
var plainText = new java.lang.String(decryptedPassword);
project.setProperty("plaintext.password", plainText)
]]>
</script>
</target>
<target name="cleanup.db.logging" depends="replace.db.password"
description="Run ddl to cleanup commonlogging tables in external database for amx administrator">
<sql
driver="${admin.db.driver}"
url="${admin.db.url}"
userid="${admin.db.username}"
password="${plaintext.password}"
print="yes">
<classpath refid="jdbc.classpath"/>
<transaction src="./${db.ddl.path}/drop_commonlogging.ddl"/>
</sql>
</target>
</project>输出
05/25/12 18:46:55.406 INFO: [ProcessWrapper] Executing: D:\build\fabric\DSEngine\resources\win32\wrappid.exe,D:\build\fabric\DSEngine\work\yangxiaoming-lt-1\antcall.pid,D:/build/fabric/DSEngine/work/yangxiaoming-lt-1/tibcoamx/tibcojre/1.6.0/bin/java,-cp,D:/build/fabric/DSEngine/work/yangxiaoming-lt-1/tibcoamx/tools/lib/antpackage.jar,org.apache.tools.ant.launch.Launcher,-f,D:\build\fabric\DSEngine\work\yangxiaoming-lt-1\scripts\cleanupDDL\cleanupDB.xml,-Dadmin.db.password=#!Panbl6s1FhkBUM70G9T+okR+fv5Nwoq+fYUx+SLzZi8=,-Dadmin.db.url=jdbc:sqlserver://192.168.71.99:1433;databasename=amxdb,-Dadmin.db.username=sa,-Ddb.ddl.path=mssql300,-Ddb.driver.path=D:\build\fabric\DSEngine\work\yangxiaoming-lt-1/fabric/mssql2008_driver,-Dtibco.home=D:/build/fabric/DSEngine/work/yangxiaoming-lt-1/tibcoamx,-Dadmin.db.driver=com.microsoft.sqlserver.jdbc.SQLServerDriver,cleanup.db.logging,
05/25/12 18:46:55.609 INFO: [ProcessWrapper] [STDOUT] Buildfile: D:\build\fabric\DSEngine\work\yangxiaoming-lt-1\scripts\cleanupDDL\cleanupDB.xml
05/25/12 18:46:55.875 INFO: [ProcessWrapper] [STDOUT]
05/25/12 18:46:55.875 INFO: [ProcessWrapper] [STDOUT] replace.db.password:
05/25/12 18:46:55.984 INFO: [ProcessWrapper] [STDOUT] [script] log4j:WARN No appenders could be found for logger (com.tibco.security.TIBCOSecurity).
05/25/12 18:46:55.984 INFO: [ProcessWrapper] [STDOUT] [script] log4j:WARN Please initialize the log4j system properly.
05/25/12 18:46:56.500 INFO: [ProcessWrapper] [STDOUT] [echo] Tibc02008
05/25/12 18:46:56.500 INFO: [ProcessWrapper] [STDOUT]
05/25/12 18:46:56.500 INFO: [ProcessWrapper] [STDOUT] cleanup.db.logging:
05/25/12 18:46:56.687 INFO: [ProcessWrapper] [STDOUT] [sql] Executing resource: D:\build\fabric\DSEngine\work\yangxiaoming-lt-1\scripts\cleanupDDL\mssql300\drop_commonlogging.ddl
05/25/12 18:46:56.687 INFO: [ProcessWrapper] [STDOUT] [sql] 0 rows affected
05/25/12 18:46:56.687 INFO: [ProcessWrapper] [STDOUT] [sql] 1 of 1 SQL statements executed successfully
05/25/12 18:46:56.703 INFO: [ProcessWrapper] [STDOUT]
05/25/12 18:46:56.703 INFO: [ProcessWrapper] [STDOUT] BUILD SUCCESSFUL
05/25/12 18:46:56.703 INFO: [ProcessWrapper] [STDOUT] Total time: 1 second
在ant中使用javascript, 在javascript又调用了java, 所以一定要注意数据的boxing和unboxing. 比如用java的方法返回decryptedPassword 时, 它其实已经被unboxing了, 失去了java的char[]类型, 但内在传递的值是不变的, 所以我们需要对它重新boxing, 让它成为java的String类型, 在boxing他的char[]值同时解码, 获得实际字符串, 也就是明文. 再将它传递给javascript的变量.
具体可以参考下这篇文章:
https://developer.mozilla.org/zh_tw/Core_JavaScript_1.5_%E6%95%99%E5%AD%B8/LiveConnect_%E6%A6%82%E8%A6%81/%E8%B3%87%E6%96%99%E9%A1%9E%E5%9E%8B%E7%9A%84%E8%BD%89%E6%8F%9B/%E5%BE%9E_JavaScript_%E5%88%B0_Java_%E7%9A%84%E8%BD%89%E6%8F%9B
补充:
To do more interesting things with Ant, you have access to properties, targets, and references. For an explanation of properties, targets, and references, refer to the ant manual
project.getProperty(string propertyName);
project.getUserProperty(string propertyName);
project.getTarget(string targetId);
project.getReference(string refereceId);
project is a shortcut for getProject(), which returns the project object.
self returns the script task itself for logging and other task specific utilities.