在旧版用户的symfony2 security.yml中使用MD5
[英]Using MD5 in symfony2 security.yml for legacy users
问题描述
I have a legacy system which contains md5 hashed passwords. 
我有一个遗留系统,其中包含md5哈希密码。 I have tested these to be correct and they do not use a salt. 我测试过这些是正确的,他们不使用盐。
security.yml security.yml
security:
encoders:
Namespace\MyBundle\Entity\User:
algorithm: md5
providers:
entityUsers:
entity: { class: NamespaceBundle:User, property: username }
In my User entity I have implemented UserInterface and made sure the salt is set to the empty string . 在我的User实体中,我实现了UserInterface,并确保将salt设置为空字符串 。
But I get a bad credentials error when trying to authenticate. 但是在尝试进行身份验证时出现错误的凭据错误。
I have tried switching security.yml to plaintext and entered the hash and the system works fine. 我已经尝试将security.yml切换到明文并输入哈希,系统工作正常。
Surely md5 should just work? 当然md5应该有效吗?
2 个解决方案
解决方案1
22 2014-07-10 15:39:10
I was having exactly the same problem and had to dig into the code to find out why. 我遇到了完全相同的问题,不得不深入研究代码以找出原因。
You don't need to create a custom encoder. 您无需创建自定义编码器。
By default, the MessageDigestPasswordEncoder encoder ( Symfony\\Component\\Security\\Core\\Encoder\\MessageDigestPasswordEncoder ) in Symfony 2.5 - and possibly all Symfony 2 releases - calculates the MD5 hash of the raw password, with/without using a salt, as expected, and then re-hashes the MD5 a number of times (5000 times, by default, in Symfony 2.5) . 默认情况下, MessageDigestPasswordEncoder编码器( Symfony\\Component\\Security\\Core\\Encoder\\MessageDigestPasswordEncoder在Symfony的2.5) -且可能所有的Symfony 2发布-计算原始密码的MD5哈希,使用/不使用的盐,如预期的, 和然后多次重新哈希MD5(默认为5000次,在Symfony 2.5中) 。 To make things that little bit more exciting, the encoder will also base64-encode the hash, by default . 为了使事情更令人兴奋, 默认情况下 , 编码器还将对哈希进行64位编码 。 Both of those features were causing problems for me. 这两个功能都给我带来了麻烦。
You can fix the problem(s) by disabling the re-hashing and/or disabling the base64 encoding, in security.yml , thus: 您可以通过在security.yml禁用重新散列和/或禁用base64编码来解决问题,因此:
security:
encoders:
Namespace\Of\Your\User:
algorithm: md5
encode_as_base64: false
iterations: 0
Hope that saves you some time. 希望能为您节省一些时间。
解决方案2
6 2013-09-11 10:53:01
Turns out that the md5 in symfony2 uses a salt by default. 事实证明,symfony2中的md5默认使用salt。 There may be an easier way, but I just created a custom md5 password encoder interface that ignores salt. 可能有一种更简单的方法,但我刚创建了一个忽略salt的自定义md5密码编码器接口 。
Register a service 注册服务
namespace.project.md5password.encoder:
class: Namepspace\MyBundle\Services\CustomMd5PasswordEncoder
Create the encoder service 创建编码器服务
namespace Namespace\MyBundle\Services;
use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;
class CustomMd5PasswordEncoder implements PasswordEncoderInterface
{
public function __construct() {
}
public function encodePassword($raw, $salt) {
return md5($raw);
}
public function isPasswordValid($encoded, $raw, $salt) {
return md5($raw) == $encoded;
}
}
Use the new service in security.yml 在security.yml中使用新服务
security:
encoders:
Namespace\MyBundle\Entity\User:
id: namespace.project.md5password.encoder
Hope this helps 希望这可以帮助
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.