[英]How do I define a PasswordEncoder using annotations in Spring?
I am using Spring-Boot v1.3.0.M2. 我正在使用Spring-Boot v1.3.0.M2。 I am trying to define a osscpPasswordEncoder
using annotations. 我正在尝试使用注释定义osscpPasswordEncoder
。 My configuration class looks like the following. 我的配置类如下所示。 This example works fine. 这个例子很好用。
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public PasswordEncoder getPasswordEncoder() {
return new StandardPasswordEncoder();
}
}
However, I would like to instantiate the StandardPasswordEncoder
with a secret, and I've revised my class as follows. 但是,我想用一个秘密实例化StandardPasswordEncoder
,并且我对类进行了如下修改。
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
@Value(value="${password.secret}")
private String secret;
@Bean
public PasswordEncoder getPasswordEncoder() {
return new StandardPasswordEncoder(secret);
}
}
Please note my Spring-Boot application looks like the following. 请注意,我的Spring-Boot应用程序如下所示。
@SpringBootApplication
@PropertySource("classpath:/config/myapp.properties")
public class Application {
public static void main(String[] args) {
SpringApplications.run(Application.class, args);
}
@Bean
public static PropertySourcesPlaceholderConfigurer getPropertySourcesPlaceholdConfigurer() {
return new PropertySourcesPlaceholderConfigurer();
}
}
And my myapp.properties
looks like the following. 我的myapp.properties
如下所示。
password.secret=fsdkjfsldfsdfsdfsdf
When I try to run my Spring-Boot application, I get the following exception. 当我尝试运行Spring-Boot应用程序时,出现以下异常。
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.crypto.password.PasswordEncoder]: Circular reference involving containing bean 'webSecurityConfig' - consider declaring the factory method as static for independence from its containing instance. Factory method 'getPasswordEncoder' threw exception; nested exception is java.lang.NullPointerException
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189)
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588)
... 102 more
The PasswordEncoder
couldn't be instantiated because the field private String secret;
因为字段private String secret;
所以无法实例化PasswordEncoder
private String secret;
is not set, and thus the NullPointerException
(NPE). 未设置,因此NullPointerException
(NPE)。 I tried making the method getPasswordEncoder
static as well as the field secret
, but that doesn't help. 我试图使方法getPasswordEncoder
以及字段secret
静态的,但这无济于事。
Any ideas on how I can use annotations to get an instance of PasswordEncoder
with a secret? 关于如何使用注释来秘密获取PasswordEncoder
实例的任何想法?
A bcrypt password encryptor, which Spring recommends over SHA or MD5, can be configured like this: Spring推荐在SHA或MD5上使用的bcrypt密码加密器可以这样配置:
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
I found the answer by tinkering a bit. 我通过修补找到了答案。 I removed the field secret
and simply annotated the parameter with the method instead as follows. 我删除了字段secret
,仅使用方法对参数进行了注释,如下所示。
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public PasswordEncoder getPasswordEncoder(@Value(value="${password.secret}") String secret) {
return new StandardPasswordEncoder(secret);
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.