Spring安全编码密码看起来不像BCrypt
Spring安全编码密码看起来不像BCrypt
提问于 2020-02-11 10:17:30
我不能用正确的详细信息登录,因为程序不断声明编码的密码看起来不像bcrypt。有人知道怎么解决这个问题吗?我正在使用JDBC身份验证。
我也有正确的数据库表,有足够的空间进行编码密码。我不知道哪里出了问题。
JSP表格:
<div class="form-group">
<div class="form-label-group">
<label for="inputUser">Username: </label> <input name="username"
type="text" path="username" id="inputUser" class="form-control"
placeholder="Username" required="required" autofocus="autofocus">
</div>
</div>
<div class="form-group">
<div class="form-label-group">
<label for="inputPassword">Password: </label>
<input name="username" type="password" path="password"
id="inputPassword" class="form-control" placeholder="Password"
required="required">
</div>
</div>
<div class="form-group">
<div class="checkbox">
<label> <input type="checkbox" value="remember-me">
Remember Password
</label>
</div>
</div>
<input type="submit" value="Login"/>
</form:form>安全控制:
@Autowired
private DataSource securityDataSource;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(securityDataSource).passwordEncoder(passwordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/management/**").authenticated().and().formLogin().loginPage("/login")
.loginProcessingUrl("/processLogin").defaultSuccessUrl("/management/dashboard").permitAll();
http.exceptionHandling().accessDeniedPage("/access-denied");
}
@Bean
@Autowired
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}登录控制器
@Controller
public class LoginController {
@Autowired
private UserServiceImpl userService;
@GetMapping("/login")
public String showLoginForm(Model model) {
User user = new User();
model.addAttribute("user", user);
return "login";
}
@PostMapping("/processLogin")
public String processLogin(@ModelAttribute("user") User user, Model model) {
if (userService.findUser(user.getUsername(), user.getPassword()) != null) {
return "/management/dashboard";
} else {
return "/access-denied";
}
}
}我的数据库:这里
回答 2
Stack Overflow用户
回答已采纳
发布于 2020-02-11 10:32:08
查看您的数据库条目,您似乎曾经使用过org.springframework.security.crypto.password.DelegatingPasswordEncoder并切换回了org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder。只有DelegatingPasswordEncoder能够处理使用不同方案编码的密码。
如果您想坚持当前配置的BCryptPasswordEncoder,则需要
- 删除前缀
{bcrypt} - 用
test123对john和susan的两个密码进行BCryptPasswordEncoder编码
Stack Overflow用户
发布于 2020-07-16 17:43:58
我通过使用BcryptPasswordEncoder解决了问题,如下所示
@Override
public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException {
User user = userRepository.findByuserName(userName);
if (user == null) {
throw new UsernameNotFoundException("userName" + userName + "Not found in the database");
}
return new org.springframework.security.core.userdetails.User(user.getName(), new BCryptPasswordEncoder().encode(user.getPassword()), getGrantedAuth(user));
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/60166583
复制相关文章
相似问题
腾讯云开发者
