How to configure jasypt for jdbcAuthentication passwordEncoder in Spring Boot
Question
I need to configure PasswordEncoder to accept jasypt StandardPBEEncoder type instead of BCryptPasswordEncoder. Below is the code which I am using:
@Configuration
@EnableWebSecurity
public class DemoSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Autowired
private BCryptPasswordEncoder bCryptPasswordEncoder;
@Autowired
private StandardPBEStringEncryptor pbeEncryptor;
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource).passwordEncoder(bCryptPasswordEncoder)
.usersByUsernameQuery("select USERNAME,USERPASS PASSWORD,USER_BLOCK ENABLED from TABLE_LOGIN_MASTER where USERNAME=?")
.authoritiesByUsernameQuery("select USERNAME, 'ROLE_'||ROLE_VALUE AUTHORITY from TAB_LOGIN_ROLE where USERNAME=?");
}
I need to use pbeEncryptor instead of bCryptPasswordEncoder as PasswordEncoder. Is it possible?
1 answers
solution1
0 2020-08-27 14:30:46
So finally I got this solved. I created a bean for PasswordEncoder in the same class as below:
@Bean
public PasswordEncoder passwordEncoder() {
return new PasswordEncoder() {
ManagePassword mp = new ManagePassword();
@Override
public boolean matches(CharSequence rawpasswd, String encodedPassword) {
// TODO Auto-generated method stub
return mp.decrypt(encodedPassword).equals(rawpasswd.toString());
}
@Override
public String encode(CharSequence rawpasswd) {
// TODO Auto-generated method stub
return mp.encrypt(rawpasswd.toString());
}
};
}
Complete code as below:
@Configuration
@EnableWebSecurity
public class DemoSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource).passwordEncoder(passwordEncoder())
.usersByUsernameQuery("select USERNAME,USERPASS PASSWORD,USER_BLOCK ENABLED from TABLE_LOGIN_MASTER where USERNAME=?")
.authoritiesByUsernameQuery("select USERNAME, 'ROLE_'||ROLE_VALUE AUTHORITY from TAB_LOGIN_ROLE where USERNAME=?");
}
@Bean
public PasswordEncoder passwordEncoder() {
return new PasswordEncoder() {
ManagePassword mp = new ManagePassword();
@Override
public boolean matches(CharSequence rawpasswd, String encodedPassword) {
// TODO Auto-generated method stub
return mp.decrypt(encodedPassword).equals(rawpasswd.toString());
}
@Override
public String encode(CharSequence rawpasswd) {
// TODO Auto-generated method stub
return mp.encrypt(rawpasswd.toString());
}
};
}
ManagePassword class contains code to initialize the StandardPBEStringEncryptor.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Spring Security with jdbcAuthentication throws There is no PasswordEncoder mapped for the id “null”
How to configure jasypt in java spring 2.0?
@RolesAllowed in conjuction with configureGlobalSecurity jdbcAuthentication in Spring boot
How to configure passwordEncoder in spring security config if i use Md5PasswordEncoder for password encryption?
Spring Boot Security 4 custom PasswordEncoder
Spring Boot jdbcAuthentication dataSource not loaded error
How to get reproducible Pbkdf2PasswordEncoder output in spring boot?
Spring Boot PasswordEncoder class file not found
Spring Boot (XML Configuration) & Jasypt Integration
Loading decrypted Password with Jasypt in Spring Boot
Related Tags