首页 > 代码库 > spring security中配置密码为md5的带salt加密

spring security中配置密码为md5的带salt加密

spring security中配置密码为md5的带salt加密

service:

 

private Md5PasswordEncoder encoder; //spring security md5

public Md5PasswordEncoder getEncoder() {

return encoder;

}

@Resource

public void setEncoder(Md5PasswordEncoder encoder) {

this.encoder = encoder;

}

 

@Override

public void addUser(User user) {

//把加密后的密码,赋值给user password

//盐为 user name

user.setPassword(encoder.encodePassword(user.getPassword(), user.getName()));

userDAO.addUser(user);

}

jt.executeUpdate(new StringSql(
     "insertinto VDB_USERS (USERID,PASSWORD) values (?,?)",
     uid,new Md5PasswordEncoder().encodePassword(up, uid)));

//new Md5PasswordEncoder().encodePassword(up,uid)

此处的Md5PasswordEncoder为spring自带的md5加密类,其中第一个参数up为密码,uid为盐值

 

applicationContext-security.xml:

 

<!-- 配置认证管理器实现用户认证的入口,主要实现UserDetailsService接口即可-->

<authentication-manageralias="authenticationManager">

<!-- 

<authentication-providerref="principalProvider"></authentication-provider>

-->

<!--使用自定义userDetailService -->

<authentication-provideruser-service-ref="userService">

 

<!-- 使用MD5对密码进行加密-->

<password-encoderhash="md5">

<!--盐,根据用户name作为盐 -->

<salt-sourceuser-property="name"/>

</password-encoder>

 

<!-- 

<security:user-service>

<security:username="admin"

password="2l232f297a57a5a748394a0e4a80lfc3"

authorities="ROLE_USER"/>

<security:username="user" password="user"

authorities="ROLE_USER"/>

</security:user-service>

-->

<!--默认test.user表。。。 -->

<!--

spring security中配置密码为md5的带salt加密