tessl/maven-com-alibaba--druid-spring-boot-starter
Spring Boot starter that provides auto-configuration and integration support for Alibaba Druid database connection pool and monitoring system.
—
Pending
filter-configuration.mddocs/
Filter Configuration
The Druid Spring Boot Starter provides automatic configuration and registration of various Druid filters for logging, security, statistics, encoding, and configuration management.
Capabilities
DruidFilterConfiguration
Central configuration class that conditionally creates and configures various Druid filter beans based on properties.
/**
* Auto-configuration for Druid filters
* Each filter is conditionally created based on enabled property
*/
public class DruidFilterConfiguration {
/**
* Creates StatFilter for SQL execution statistics
* Tracks SQL performance, slow queries, and execution patterns
* @return Configured StatFilter instance
*/
@Bean
@ConfigurationProperties("spring.datasource.druid.filter.stat")
@ConditionalOnProperty(prefix = "spring.datasource.druid.filter.stat", name = "enabled")
@ConditionalOnMissingBean
public StatFilter statFilter();
/**
* Creates ConfigFilter for encrypted password and external configuration support
* Enables password encryption and configuration file inclusion
* @return Configured ConfigFilter instance
*/
@Bean
@ConfigurationProperties("spring.datasource.druid.filter.config")
@ConditionalOnProperty(prefix = "spring.datasource.druid.filter.config", name = "enabled")
@ConditionalOnMissingBean
public ConfigFilter configFilter();
/**
* Creates EncodingConvertFilter for character encoding conversion
* Handles character set conversion for SQL parameters and results
* @return Configured EncodingConvertFilter instance
*/
@Bean
@ConfigurationProperties("spring.datasource.druid.filter.encoding")
@ConditionalOnProperty(prefix = "spring.datasource.druid.filter.encoding", name = "enabled")
@ConditionalOnMissingBean
public EncodingConvertFilter encodingConvertFilter();
/**
* Creates Slf4jLogFilter for SLF4J logging integration
* Logs SQL statements and connection events using SLF4J
* @return Configured Slf4jLogFilter instance
*/
@Bean
@ConfigurationProperties("spring.datasource.druid.filter.slf4j")
@ConditionalOnProperty(prefix = "spring.datasource.druid.filter.slf4j", name = "enabled")
@ConditionalOnMissingBean
public Slf4jLogFilter slf4jLogFilter();
/**
* Creates Log4jFilter for Log4j 1.x logging integration
* Logs SQL statements and connection events using Log4j
* @return Configured Log4jFilter instance
*/
@Bean
@ConfigurationProperties("spring.datasource.druid.filter.log4j")
@ConditionalOnProperty(prefix = "spring.datasource.druid.filter.log4j", name = "enabled")
@ConditionalOnMissingBean
public Log4jFilter log4jFilter();
/**
* Creates Log4j2Filter for Log4j 2.x logging integration
* Logs SQL statements and connection events using Log4j 2
* @return Configured Log4j2Filter instance
*/
@Bean
@ConfigurationProperties("spring.datasource.druid.filter.log4j2")
@ConditionalOnProperty(prefix = "spring.datasource.druid.filter.log4j2", name = "enabled")
@ConditionalOnMissingBean
public Log4j2Filter log4j2Filter();
/**
* Creates CommonsLogFilter for Commons Logging integration
* Logs SQL statements and connection events using Commons Logging
* @return Configured CommonsLogFilter instance
*/
@Bean
@ConfigurationProperties("spring.datasource.druid.filter.commons-log")
@ConditionalOnProperty(prefix = "spring.datasource.druid.filter.commons-log", name = "enabled")
@ConditionalOnMissingBean
public CommonsLogFilter commonsLogFilter();
/**
* Creates WallConfig for SQL firewall configuration
* Configures security rules and policies for WallFilter
* @return Configured WallConfig instance
*/
@Bean
@ConfigurationProperties("spring.datasource.druid.filter.wall.config")
@ConditionalOnProperty(prefix = "spring.datasource.druid.filter.wall", name = "enabled")
@ConditionalOnMissingBean
public WallConfig wallConfig();
/**
* Creates WallFilter for SQL injection protection
* Provides SQL firewall functionality with security rule enforcement
* @param wallConfig Configuration object for security rules
* @return Configured WallFilter instance with security policies
*/
@Bean
@ConfigurationProperties("spring.datasource.druid.filter.wall")
@ConditionalOnProperty(prefix = "spring.datasource.druid.filter.wall", name = "enabled")
@ConditionalOnMissingBean
public WallFilter wallFilter(WallConfig wallConfig);
}Filter Types and Configuration
StatFilter - SQL Statistics
Collects SQL execution statistics including performance metrics and slow query detection.
Configuration Properties:
# Enable StatFilter
spring.datasource.druid.filter.stat.enabled=true
# Database type for optimal statistics collection
spring.datasource.druid.filter.stat.db-type=mysql
# Slow SQL logging
spring.datasource.druid.filter.stat.log-slow-sql=true
spring.datasource.druid.filter.stat.slow-sql-millis=3000
# Merge SQL statements for better statistics
spring.datasource.druid.filter.stat.merge-sql=true
# Connection stack trace collection
spring.datasource.druid.filter.stat.connection-stack-trace-enable=trueSupported Database Types: db2, postgresql, sqlserver, oracle, AliOracle, mysql, mariadb, hive, h2, lealone, dm, kingbase, tydb, oceanbase, xugu, odps, teradata, log4jdbc, phoenix, edb, kylin, sqlite
WallFilter - SQL Security
Provides SQL injection protection and security rule enforcement.
Configuration Properties:
# Enable WallFilter
spring.datasource.druid.filter.wall.enabled=true
# Database type for security rules
spring.datasource.druid.filter.wall.db-type=mysql
# Security policy configuration
spring.datasource.druid.filter.wall.config.delete-allow=false
spring.datasource.druid.filter.wall.config.drop-table-allow=false
spring.datasource.druid.filter.wall.config.create-table-allow=true
spring.datasource.druid.filter.wall.config.alter-table-allow=false
spring.datasource.druid.filter.wall.config.truncate-allow=false
# Function call restrictions
spring.datasource.druid.filter.wall.config.select-into-outfile-allow=false
spring.datasource.druid.filter.wall.config.select-union-check=true
# Comment and hint restrictions
spring.datasource.druid.filter.wall.config.comment-allow=false
spring.datasource.druid.filter.wall.config.multi-statement-allow=falseConfigFilter - Configuration Management
Supports encrypted passwords and external configuration file inclusion.
Configuration Properties:
# Enable ConfigFilter
spring.datasource.druid.filter.config.enabled=true
# Encrypted password configuration
spring.datasource.druid.connection-properties=config.decrypt=true;config.decrypt.key=${DRUID_DECRYPT_KEY}
# External configuration file
spring.datasource.druid.filter.config.file=classpath:druid-config.propertiesPassword Encryption Example:
// Generate encrypted password
String encryptedPassword = ConfigTools.encrypt("your-password");
// Use in configuration
spring.datasource.druid.password=${ENCRYPTED_PASSWORD}
spring.datasource.druid.connection-properties=config.decrypt=true;config.decrypt.key=${DECRYPT_KEY}Logging Filters
Multiple logging integration options for SQL statement and connection event logging.
SLF4J Logging Filter:
# Enable SLF4J logging
spring.datasource.druid.filter.slf4j.enabled=true
spring.datasource.druid.filter.slf4j.statement-executable-sql-log-enable=true
spring.datasource.druid.filter.slf4j.statement-log-enabled=true
spring.datasource.druid.filter.slf4j.statement-log-error-enabled=true
spring.datasource.druid.filter.slf4j.connection-log-enabled=trueLog4j 2 Logging Filter:
# Enable Log4j2 logging
spring.datasource.druid.filter.log4j2.enabled=true
spring.datasource.druid.filter.log4j2.statement-executable-sql-log-enable=true
spring.datasource.druid.filter.log4j2.statement-log-enabled=trueCommons Logging Filter:
# Enable Commons Logging
spring.datasource.druid.filter.commons-log.enabled=true
spring.datasource.druid.filter.commons-log.statement-executable-sql-log-enable=trueEncodingConvertFilter - Character Encoding
Handles character encoding conversion for SQL parameters and results.
Configuration Properties:
# Enable encoding conversion
spring.datasource.druid.filter.encoding.enabled=true
spring.datasource.druid.filter.encoding.client-encoding=UTF-8
spring.datasource.druid.filter.encoding.server-encoding=ISO8859-1Filter Activation Methods
Method 1: Simple Filter String
Enable filters using a comma-separated string:
spring.datasource.druid.filters=stat,wall,slf4jThis method uses default configuration for each filter.
Method 2: Individual Filter Configuration
Enable and configure filters individually:
# StatFilter with custom configuration
spring.datasource.druid.filter.stat.enabled=true
spring.datasource.druid.filter.stat.slow-sql-millis=2000
spring.datasource.druid.filter.stat.log-slow-sql=true
# WallFilter with security policies
spring.datasource.druid.filter.wall.enabled=true
spring.datasource.druid.filter.wall.config.delete-allow=false
spring.datasource.druid.filter.wall.config.drop-table-allow=false
# SLF4J logging with specific settings
spring.datasource.druid.filter.slf4j.enabled=true
spring.datasource.druid.filter.slf4j.statement-log-enabled=trueMethod 3: Programmatic Configuration
Create custom filter beans:
@Configuration
public class CustomFilterConfig {
@Bean
public StatFilter customStatFilter() {
StatFilter filter = new StatFilter();
filter.setSlowSqlMillis(1000);
filter.setLogSlowSql(true);
filter.setMergeSql(true);
return filter;
}
@Bean
public WallFilter customWallFilter() {
WallFilter filter = new WallFilter();
WallConfig config = new WallConfig();
config.setDeleteAllow(false);
config.setDropTableAllow(false);
filter.setConfig(config);
return filter;
}
}Filter Chain and Ordering
Automatic Registration
Filters are automatically registered with DataSource in the order they are discovered:
- StatFilter - Should typically be first for accurate statistics
- WallFilter - Security filtering before other operations
- Logging Filters - Log filtered and processed SQL
- EncodingConvertFilter - Character conversion last
- ConfigFilter - Configuration support throughout chain
Custom Ordering
Control filter order through explicit bean naming:
@Configuration
public class FilterOrderConfig {
@Bean("filter1")
@Order(1)
public StatFilter statFilter() {
return new StatFilter();
}
@Bean("filter2")
@Order(2)
public WallFilter wallFilter() {
return new WallFilter();
}
}Configuration Examples
Development Environment
spring:
datasource:
druid:
# Enable multiple filters with detailed logging
filter:
stat:
enabled: true
slow-sql-millis: 1000
log-slow-sql: true
merge-sql: true
slf4j:
enabled: true
statement-log-enabled: true
statement-executable-sql-log-enable: true
wall:
enabled: true
config:
delete-allow: true
drop-table-allow: true
truncate-allow: trueProduction Environment
spring:
datasource:
druid:
# Security-focused filter configuration
filter:
stat:
enabled: true
slow-sql-millis: 3000
log-slow-sql: true
merge-sql: true
wall:
enabled: true
config:
delete-allow: false
drop-table-allow: false
truncate-allow: false
create-table-allow: false
alter-table-allow: false
comment-allow: false
multi-statement-allow: false
config:
enabled: true
# Encrypted password support
connection-properties: config.decrypt=true;config.decrypt.key=${DRUID_DECRYPT_KEY}Multi-DataSource Filter Configuration
# Primary DataSource filters
spring.datasource.druid.primary.filter.stat.enabled=true
spring.datasource.druid.primary.filter.wall.enabled=true
spring.datasource.druid.primary.filter.slf4j.enabled=true
# Secondary DataSource filters (different configuration)
spring.datasource.druid.secondary.filter.stat.enabled=true
spring.datasource.druid.secondary.filter.stat.slow-sql-millis=5000
spring.datasource.druid.secondary.filter.commons-log.enabled=trueInstall with Tessl CLI
npx tessl i tessl/maven-com-alibaba--druid-spring-boot-starter