首页 > 代码库 > spring security中配置密码为md5的带salt加密
spring security中配置密码为md5的带salt加密
spring security中配置密码为md5的带salt加密
service:
private Md5PasswordEncoder encoder; //spring security md5
public Md5PasswordEncoder getEncoder() {
return encoder;
}
@Resource
public void setEncoder(Md5PasswordEncoder encoder) {
this.encoder = encoder;
}
@Override
public void addUser(User user) {
//把加密后的密码,赋值给user password
//盐为 user name
user.setPassword(encoder.encodePassword(user.getPassword(), user.getName()));
userDAO.addUser(user);
}
jt.executeUpdate(new StringSql(
"insertinto VDB_USERS (USERID,PASSWORD) values (?,?)",
uid,new Md5PasswordEncoder().encodePassword(up, uid)));
//new Md5PasswordEncoder().encodePassword(up,uid)
此处的Md5PasswordEncoder为spring自带的md5加密类,其中第一个参数up为密码,uid为盐值
applicationContext-security.xml:
<!-- 配置认证管理器实现用户认证的入口,主要实现UserDetailsService接口即可-->
<authentication-manageralias="authenticationManager">
<!--
<authentication-providerref="principalProvider"></authentication-provider>
-->
<!--使用自定义userDetailService -->
<authentication-provideruser-service-ref="userService">
<!-- 使用MD5对密码进行加密-->
<password-encoderhash="md5">
<!--盐,根据用户name作为盐 -->
<salt-sourceuser-property="name"/>
</password-encoder>
<!--
<security:user-service>
<security:username="admin"
password="2l232f297a57a5a748394a0e4a80lfc3"
authorities="ROLE_USER"/>
<security:username="user" password="user"
authorities="ROLE_USER"/>
</security:user-service>
-->
<!--默认test.user表。。。 -->
<!--
spring security中配置密码为md5的带salt加密