[英]Grails Spring Security Plugin Password issue
I have successfully migrated to Spring Security plugin from acegi plugin. 我已经从acegi插件成功迁移到了Spring Security插件。 Creating a new user works fine. 创建一个新用户可以正常工作。 I can login. 我可以登录。
But in the database, I have lot of users created using acegi's authenticateService.encodePassword
. 但是在数据库中,我有很多使用acegi的authenticateService.encodePassword
创建的authenticateService.encodePassword
。 So I can't login using those old username and password. 因此,我无法使用那些旧的用户名和密码登录。 I guess its the MD5 or SHA1 encoding algorithm issue. 我想这是MD5或SHA1编码算法的问题。
Just wanted to know, how to make it to work without resetting password. 只是想知道,如何在不重置密码的情况下使其正常工作。 I tried setting grails.plugins.springsecurity.password.algorithm="MD5"
, but no luck. 我尝试设置grails.plugins.springsecurity.password.algorithm="MD5"
,但是没有运气。
Any suggestions? 有什么建议么?
package auth 包认证
import java.util.Set;
import auth.Role
/**
* User domain class.
*/
class User implements Serializable {
static transients = ['pass','getAuthorities']
static hasMany = [authorities: Role]
static belongsTo = Role
transient springSecurityService
static mapping = {
table 'users' // USER not a valid table name in oracle
}
/** Username */
String username
/** User Real Name*/
String userRealName
/** MD5 Password */
String passwd
String password
/** enabled */
boolean enabled
String email
boolean emailShow
/** description */
String description = ''
/** plain password to create a MD5 password */
String pass = '[secret]'
boolean accountExpired
boolean accountLocked
boolean passwordExpired
String toString() {
return userRealName
}
static constraints = {
username(blank: false, unique: true)
userRealName(blank: false)
passwd(blank: false)
password(blank: false)
enabled()
description(nullable:true)
}
/*Set<Role> getAuthorities() {
Role.findAllByUser(this).collect { it.role } as Set
}*/
def beforeInsert() {
encodePassword()
}
def beforeUpdate() {
if (isDirty('password')) {
encodePassword()
}
}
protected void encodePassword() {
password = springSecurityService.encodePassword(password,null)
}
}
try adding 尝试添加
grails.plugins.springsecurity.password.algorithm='SHA-512'
in 在
config.groovy
In addition to declaring the correct algorithm, you have to actually call the password encoder. 除了声明正确的算法之外,您还必须实际调用密码编码器。 In my User
class I do it like this: 在我的User
类中,它是这样的:
class User {
def springSecurityService
static transients = ['springSecurityService', 'passwordConfirm']
String password
String passwordConfirm
def beforeInsert() {
encodePassword()
}
def beforeUpdate() {
if (isDirty('password')) {
encodePassword()
}
}
protected void encodePassword() {
password = springSecurityService.encodePassword(password, null)
passwordConfirm = springSecurityService.encodePassword(passwordConfirm, null)
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.