[英]How to configure jasypt for jdbcAuthentication passwordEncoder in Spring Boot
我需要配置 PasswordEncoder 以接受 jasypt StandardPBEEncoder 類型而不是 BCryptPasswordEncoder。 以下是我正在使用的代碼:
@Configuration
@EnableWebSecurity
public class DemoSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Autowired
private BCryptPasswordEncoder bCryptPasswordEncoder;
@Autowired
private StandardPBEStringEncryptor pbeEncryptor;
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource).passwordEncoder(bCryptPasswordEncoder)
.usersByUsernameQuery("select USERNAME,USERPASS PASSWORD,USER_BLOCK ENABLED from TABLE_LOGIN_MASTER where USERNAME=?")
.authoritiesByUsernameQuery("select USERNAME, 'ROLE_'||ROLE_VALUE AUTHORITY from TAB_LOGIN_ROLE where USERNAME=?");
}
我需要使用 pbeEncryptor 而不是 bCryptPasswordEncoder 作為 PasswordEncoder。 是否可以?
所以最后我解決了這個問題。 我在下面的同一個類中為 PasswordEncoder 創建了一個 bean:
@Bean
public PasswordEncoder passwordEncoder() {
return new PasswordEncoder() {
ManagePassword mp = new ManagePassword();
@Override
public boolean matches(CharSequence rawpasswd, String encodedPassword) {
// TODO Auto-generated method stub
return mp.decrypt(encodedPassword).equals(rawpasswd.toString());
}
@Override
public String encode(CharSequence rawpasswd) {
// TODO Auto-generated method stub
return mp.encrypt(rawpasswd.toString());
}
};
}
完整代碼如下:
@Configuration
@EnableWebSecurity
public class DemoSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource).passwordEncoder(passwordEncoder())
.usersByUsernameQuery("select USERNAME,USERPASS PASSWORD,USER_BLOCK ENABLED from TABLE_LOGIN_MASTER where USERNAME=?")
.authoritiesByUsernameQuery("select USERNAME, 'ROLE_'||ROLE_VALUE AUTHORITY from TAB_LOGIN_ROLE where USERNAME=?");
}
@Bean
public PasswordEncoder passwordEncoder() {
return new PasswordEncoder() {
ManagePassword mp = new ManagePassword();
@Override
public boolean matches(CharSequence rawpasswd, String encodedPassword) {
// TODO Auto-generated method stub
return mp.decrypt(encodedPassword).equals(rawpasswd.toString());
}
@Override
public String encode(CharSequence rawpasswd) {
// TODO Auto-generated method stub
return mp.encrypt(rawpasswd.toString());
}
};
}
ManagePassword 類包含用於初始化 StandardPBEStringEncryptor 的代碼。
Spring 安全性與 jdbcAuthentication throws 沒有為 id “null”映射 PasswordEncoder
[英]Spring Security with jdbcAuthentication throws There is no PasswordEncoder mapped for the id “null”
在Spring Boot中與configureGlobalSecurity jdbcAuthentication結合使用@Roles
[英]@RolesAllowed in conjuction with configureGlobalSecurity jdbcAuthentication in Spring boot
如果我使用 Md5PasswordEncoder 進行密碼加密,如何在 spring 安全配置中配置 passwordEncoder?
[英]How to configure passwordEncoder in spring security config if i use Md5PasswordEncoder for password encryption?
Spring Boot jdbcAuthentication dataSource未加載錯誤
[英]Spring Boot jdbcAuthentication dataSource not loaded error
如何在 spring 引導中獲得可重現的 Pbkdf2PasswordEncoder output?
[英]How to get reproducible Pbkdf2PasswordEncoder output in spring boot?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.