[英]How to configure jasypt for jdbcAuthentication passwordEncoder in Spring Boot
我需要配置 PasswordEncoder 以接受 jasypt StandardPBEEncoder 类型而不是 BCryptPasswordEncoder。 以下是我正在使用的代码:
@Configuration
@EnableWebSecurity
public class DemoSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Autowired
private BCryptPasswordEncoder bCryptPasswordEncoder;
@Autowired
private StandardPBEStringEncryptor pbeEncryptor;
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource).passwordEncoder(bCryptPasswordEncoder)
.usersByUsernameQuery("select USERNAME,USERPASS PASSWORD,USER_BLOCK ENABLED from TABLE_LOGIN_MASTER where USERNAME=?")
.authoritiesByUsernameQuery("select USERNAME, 'ROLE_'||ROLE_VALUE AUTHORITY from TAB_LOGIN_ROLE where USERNAME=?");
}
我需要使用 pbeEncryptor 而不是 bCryptPasswordEncoder 作为 PasswordEncoder。 是否可以?
所以最后我解决了这个问题。 我在下面的同一个类中为 PasswordEncoder 创建了一个 bean:
@Bean
public PasswordEncoder passwordEncoder() {
return new PasswordEncoder() {
ManagePassword mp = new ManagePassword();
@Override
public boolean matches(CharSequence rawpasswd, String encodedPassword) {
// TODO Auto-generated method stub
return mp.decrypt(encodedPassword).equals(rawpasswd.toString());
}
@Override
public String encode(CharSequence rawpasswd) {
// TODO Auto-generated method stub
return mp.encrypt(rawpasswd.toString());
}
};
}
完整代码如下:
@Configuration
@EnableWebSecurity
public class DemoSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource).passwordEncoder(passwordEncoder())
.usersByUsernameQuery("select USERNAME,USERPASS PASSWORD,USER_BLOCK ENABLED from TABLE_LOGIN_MASTER where USERNAME=?")
.authoritiesByUsernameQuery("select USERNAME, 'ROLE_'||ROLE_VALUE AUTHORITY from TAB_LOGIN_ROLE where USERNAME=?");
}
@Bean
public PasswordEncoder passwordEncoder() {
return new PasswordEncoder() {
ManagePassword mp = new ManagePassword();
@Override
public boolean matches(CharSequence rawpasswd, String encodedPassword) {
// TODO Auto-generated method stub
return mp.decrypt(encodedPassword).equals(rawpasswd.toString());
}
@Override
public String encode(CharSequence rawpasswd) {
// TODO Auto-generated method stub
return mp.encrypt(rawpasswd.toString());
}
};
}
ManagePassword 类包含用于初始化 StandardPBEStringEncryptor 的代码。
Spring 安全性与 jdbcAuthentication throws 没有为 id “null”映射 PasswordEncoder
[英]Spring Security with jdbcAuthentication throws There is no PasswordEncoder mapped for the id “null”
在Spring Boot中与configureGlobalSecurity jdbcAuthentication结合使用@Roles
[英]@RolesAllowed in conjuction with configureGlobalSecurity jdbcAuthentication in Spring boot
如果我使用 Md5PasswordEncoder 进行密码加密,如何在 spring 安全配置中配置 passwordEncoder?
[英]How to configure passwordEncoder in spring security config if i use Md5PasswordEncoder for password encryption?
Spring Boot jdbcAuthentication dataSource未加载错误
[英]Spring Boot jdbcAuthentication dataSource not loaded error
如何在 spring 引导中获得可重现的 Pbkdf2PasswordEncoder output?
[英]How to get reproducible Pbkdf2PasswordEncoder output in spring boot?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.