Help Center/ Database Security Service/ User Guide/ Enabling and Using Database Security Encryption/ System Function Configuration and Application Scenario Examples/ Scenario 3: Typical Configuration Examples for Service Tests
Updated on 2025-04-16 GMT+08:00
View PDF
Share

Scenario 3: Typical Configuration Examples for Service Tests

Database encryption and access control support initial analysis on database assets by using the service analysis function to eliminate service errors that may be caused by encryption. Figure 1 shows the service test process.

Figure 1 Service test process

Networking Description

Database encryption and access control uses the reverse proxy mode. The following figure shows the typical networking.

Figure 2 Networking

Prerequisites

  • The route between the device and the application system is reachable.
  • The route between the device and the database is reachable.

Step 1: Adding a Data Source

Add a database on the Assets Management page.

  1. Log in to the web console of the instance as user sysadmin.
  2. In the navigation pane, choose Assets Management > Data Source Management.
  3. Click Add Data Source in the upper right corner.
  4. In the Add Data Source dialog box, configure asset information.
    Figure 3 Adding a data source

    Host information and log information are optional. The SSH service must be enabled on the database server.

  5. After the configuration is complete, click Test Database Connection to check whether the database can be connected.
  6. Click Test Account Permission to check whether the database account permission meets the encryption requirements.
  7. Click Save.

Step 2: Creating a Service Analysis Task

Before encryption, create a service analysis task to test whether the service SQL is supported.

  1. Log in to the web console of the instance as user sysadmin.
  2. In the navigation tree on the left, choose Service Test > Service Analysis.
  3. In the data source area on the left, click a data source.
    Figure 4 Adding a service analysis task
  4. Click Add Analysis Table, configure a table, and click Confirm.
    Figure 5 Configuring a table for analysis

    Locate the target table and click the start button .

Step 3: Running SQL Statements Through the Proxy

Use the proxy address to access the database and run service SQL statements to check whether services are affected after database tables and fields are encrypted.

  1. Log in to the web console of the instance as user sysadmin.
  2. In the navigation pane on the left, choose Assets Management > Data Source Management, locate the target database, and click Edit to view the database proxy IP address and port number.
    Figure 6 Viewing the proxy IP address and port number
  3. On the database connection tool, use the proxy IP address and port to access the database.
    Figure 7 Accessing a database

    Set the IP address and port number to the proxy IP address and port number obtained in the previous step. Set the username and password to the original username and password of the database.

  4. Execute the SQL statement used by the service.
    The preceding SQL statements are only examples. In practice, you need to run the SQL statements used in services to facilitate service analysis.
    Table 1 SQL statement examples

    SQL type.

    Example

    Normal Statement

    SELECT * FROM `sys_user`;

    Exception statements:

    SELECT * FROMM `sys_user`;

    Blocking Statement

    RENAME TABLE sys_user to abc;

Step 4: Viewing the Service Analysis Result

After service SQL statements are executed, the system records abnormal and blocked SQL statements and analyzes the blocking causes.

  1. Log in to the web console of the instance as user sysadmin.
  2. In the navigation tree on the left, choose Service Test > Service Analysis.
  3. In the data source area on the left, click a data source.
  4. Click Parse Exception SQL to view the abnormal SQL statements.
    Figure 8 Abnormal SQL statements
  5. View blocked SQL statements and system suggestions.
    Figure 9 Blocked SQL statements
  6. In the Exception Records column, view the number of blocked SQL statements.
  7. Click View Logs to view the specific blocked SQL statement and error message.
    Figure 10 SQL statement blocking log
  8. Click Analysis Report to view the encryption suggestions of the table.
    Figure 11 Analysis and suggestions

    The service test result shows that if the database table is encrypted, the SQL statement running of the service is affected. Therefore, you are not advised to encrypt the database table.