spring security 5.x实现兼容多种密码的加密方式
程序员文章站
2023-12-09 19:22:33
前言
本文主要给大家介绍了关于spring security 5.x实现兼容多种密码的加密方式,分享出来供大家参考学习,下面话不多说了,来一起看看详细的介绍吧。
1、s...
前言
本文主要给大家介绍了关于spring security 5.x实现兼容多种密码的加密方式,分享出来供大家参考学习,下面话不多说了,来一起看看详细的介绍吧。
1、spring security passwordencoder
spring security 5不需要配置密码的加密方式,而是用户密码加前缀的方式表明加密方式,如:
- {md5}88e2d8cd1e92fd5544c8621508cd706b代表使用的是md5加密方式;
- {bcrypt}$2a$10$ezegvvv2zxr/vgivfzqzs.jlv878apbgrt9mapk1wrg0ovsf4yui6代表使用的是bcrypt加密方式。
spring security官方推荐使用更加安全的bcrypt加密方式。
这样可以在同一系统中支持多种加密方式,迁移用户比较省事。spring security 5支持的加密方式在passwordencoderfactories中定义:
public class passwordencoderfactories { public static passwordencoder createdelegatingpasswordencoder() { string encodingid = "bcrypt"; map<string, passwordencoder> encoders = new hashmap(); encoders.put(encodingid, new bcryptpasswordencoder()); encoders.put("ldap", new ldapshapasswordencoder()); encoders.put("md4", new md4passwordencoder()); encoders.put("md5", new messagedigestpasswordencoder("md5")); encoders.put("noop", nooppasswordencoder.getinstance()); encoders.put("pbkdf2", new pbkdf2passwordencoder()); encoders.put("scrypt", new scryptpasswordencoder()); encoders.put("sha-1", new messagedigestpasswordencoder("sha-1")); encoders.put("sha-256", new messagedigestpasswordencoder("sha-256")); encoders.put("sha256", new standardpasswordencoder()); return new delegatingpasswordencoder(encodingid, encoders); } private passwordencoderfactories() { } }
2 测试
2.1 pom.xml
<?xml version="1.0" encoding="utf-8"?> <project xmlns="http://maven.apache.org/pom/4.0.0" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://maven.apache.org/pom/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelversion>4.0.0</modelversion> <groupid>com.hfcsbc</groupid> <artifactid>security</artifactid> <version>0.0.1-snapshot</version> <packaging>jar</packaging> <name>security</name> <description>demo project for spring boot</description> <parent> <groupid>org.springframework.boot</groupid> <artifactid>spring-boot-starter-parent</artifactid> <version>2.0.0.m7</version> <relativepath/> <!-- lookup parent from repository --> </parent> <properties> <project.build.sourceencoding>utf-8</project.build.sourceencoding> <project.reporting.outputencoding>utf-8</project.reporting.outputencoding> <java.version>1.8</java.version> </properties> <dependencies> <dependency> <groupid>org.springframework.boot</groupid> <artifactid>spring-boot-starter-security</artifactid> </dependency> <dependency> <groupid>org.springframework.boot</groupid> <artifactid>spring-boot-starter-test</artifactid> <scope>test</scope> </dependency> <dependency> <groupid>org.springframework.security</groupid> <artifactid>spring-security-test</artifactid> <scope>test</scope> </dependency> <dependency> <groupid>org.projectlombok</groupid> <artifactid>lombok</artifactid> </dependency> </dependencies> <build> <plugins> <plugin> <groupid>org.springframework.boot</groupid> <artifactid>spring-boot-maven-plugin</artifactid> </plugin> </plugins> </build> <repositories> <repository> <id>spring-snapshots</id> <name>spring snapshots</name> <url>https://repo.spring.io/snapshot</url> <snapshots> <enabled>true</enabled> </snapshots> </repository> <repository> <id>spring-milestones</id> <name>spring milestones</name> <url>https://repo.spring.io/milestone</url> <snapshots> <enabled>false</enabled> </snapshots> </repository> </repositories> <pluginrepositories> <pluginrepository> <id>spring-snapshots</id> <name>spring snapshots</name> <url>https://repo.spring.io/snapshot</url> <snapshots> <enabled>true</enabled> </snapshots> </pluginrepository> <pluginrepository> <id>spring-milestones</id> <name>spring milestones</name> <url>https://repo.spring.io/milestone</url> <snapshots> <enabled>false</enabled> </snapshots> </pluginrepository> </pluginrepositories> </project>
2.2 测试
spring security 5.x默认使用bcrypt加密
@slf4j public class domainuserdetailsservice { public static void main(string[] args){ passwordencoder passwordencoder = passwordencoderfactories.createdelegatingpasswordencoder(); string encode = passwordencoder.encode("password"); log.info("加密后的密码:" + encode); log.info("bcrypt密码对比:" + passwordencoder.matches("password", encode)); string md5password = "{md5}88e2d8cd1e92fd5544c8621508cd706b";//md5加密前的密码为:password log.info("md5密码对比:" + passwordencoder.matches("password", encode)); } }
总结
以上就是这篇文章的全部内容了,希望本文的内容对大家的学习或者工作具有一定的参考学习价值,如果有疑问大家可以留言交流,谢谢大家对的支持。