[英]Error implementing Jasypt with Hibernate 3 and Struts 2
I'm trying to encrypt passwords in a webapp using Jasypt with hibernate 3. I followed the instructions on the jasypt website . 我正在尝试使用带有休眠3的Jasypt加密web应用程序中的密码。我按照jasypt网站上的说明进行操作 。
Here's my hibernate mapping : 这是我的休眠映射:
<hibernate-mapping package="webapp.entity">
<typedef name="encrypted" class="org.jasypt.hibernate.type.EncryptedStringType">
<param name="encryptorRegisteredName">strongHibernateStringEncryptor</param>
</typedef>
<class name="User" table="Users">
<id name="name"
column="name"
type="string">
</id>
<property name="passwd"
column="passwd"
type="encrypted"
not-null="true">
</property>
</class>
</hibernate-mapping>
Now I register the encryptor each time I open a session with hibernate : 现在,每次我与hibernate打开会话时,我都会注册加密器:
public void initHibSession() {
HibernateUtil.buildSessionFactory();
hib_session = HibernateUtil.getSessionFactory().getCurrentSession();
if (hib_session != null && hib_session.isOpen()) {
hib_session.close();
hib_session = HibernateUtil.getSessionFactory().openSession();
}
hib_session.beginTransaction();
StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
strongEncryptor.setPassword("aStrongPassword");
HibernatePBEEncryptorRegistry registry = HibernatePBEEncryptorRegistry.getInstance();
registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor);
}
Then, each time I try to access a user, this exception is thrown : 然后,每次我尝试访问用户时,都会引发此异常:
FreeMarker template error!
Method public java.lang.String org.apache.commons.lang.exception.NestableRuntimeException.getMessage(int) threw an exception when invoked on org.jasypt.exceptions.EncryptionInitializationException: No string encryptor registered for hibernate with name "strongHibernateEncryptor"
The problematic instruction:
----------
==> ${msgs[0][0]} [on line 76, column 25 in org/apache/struts2/dispatcher/error.ftl]
----------
Java backtrace for programmers:
----------
freemarker.template.TemplateModelException: Method public java.lang.String org.apache.commons.lang.exception.NestableRuntimeException.getMessage(int) threw an exception when invoked on org.jasypt.exceptions.EncryptionInitializationException: No string encryptor registered for hibernate with name "strongHibernateEncryptor"
at freemarker.ext.beans.SimpleMethodModel.exec(SimpleMethodModel.java:130)
at freemarker.ext.beans.SimpleMethodModel.get(SimpleMethodModel.java:138)
at freemarker.core.DynamicKeyName.dealWithNumericalKey(DynamicKeyName.java:111)
at freemarker.core.DynamicKeyName._getAsTemplateModel(DynamicKeyName.java:90)
at freemarker.core.Expression.getAsTemplateModel(Expression.java:89)
at freemarker.core.Expression.getStringValue(Expression.java:93)
at freemarker.core.DollarVariable.accept(DollarVariable.java:76)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.MixedContent.accept(MixedContent.java:92)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.IfBlock.accept(IfBlock.java:82)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.IfBlock.accept(IfBlock.java:82)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.MixedContent.accept(MixedContent.java:92)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.Environment.process(Environment.java:190)
at freemarker.template.Template.process(Template.java:237)
at org.apache.struts2.dispatcher.Dispatcher.sendError(Dispatcher.java:748)
at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:505)
at org.apache.struts2.dispatcher.ng.ExecuteOperations.executeAction(ExecuteOperations.java:77)
at org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:91)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:636)
Caused by: java.lang.NullPointerException
at freemarker.ext.beans.SimpleMemberModel.unwrapArguments(SimpleMemberModel.java:85)
at freemarker.ext.beans.SimpleMethodModel.exec(SimpleMethodModel.java:106)
... 33 more
Anybody have an idea for implementing jasypt with Hibernate 3 and Struts 2 or can help me with this error ? 任何人都有使用Hibernate 3和Struts 2实现jasypt的想法,或者可以帮助我解决此错误? (I have to use jasypt) (我必须使用jasypt)
It's ok, the problem was the encryptor registered name in the mapping : 没关系,问题出在映射中的加密器注册名称:
<param name="encryptorRegisteredName">strongHibernateEncryptor</param>
When I registered it, I add "String" in the name : 注册时,我在名称中添加“ String”:
registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor);
Have to set a password too : 也必须设置密码:
strongEncryptor.setPassword("aStrongPassword");
No more error now. 现在没有更多错误。
(I edit my code above to reflect the changes) (我在上面编辑了代码以反映更改)
You should be aware that the hibernate / jaspyt encryption is PBE based and reversible, meaning that it's only encrypted in the database, not in the app. 您应该意识到,hibernate / jaspyt加密是基于PBE的并且是可逆的,这意味着它仅在数据库中加密,而不在应用程序中加密。
For passwords especially, it's better to use digest based encryption that is not reversible -- the StrongPasswordEncryptor
is really what you should be using in the above case. 特别是对于密码,最好使用不可逆的基于摘要的加密-在上述情况下, StrongPasswordEncryptor
确实是您应该使用的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.