Java Spring Security bcrypt编码登录不工作
我的应用程序在hibernate和SpringMVC中。以前登录时可以工作,但现在我实现了密码的bcrypt编码。在那之后,一切都不起作用了。我几乎改变了一切。这里我给你我的代码和配置文件。请帮我找出这个问题 app-security.xmlJava Spring Security bcrypt编码登录不工作,java,hibernate,spring-mvc,encryption,spring-security,Java,Hibernate,Spring Mvc,Encryption,Spring Security,我的应用程序在hibernate和SpringMVC中。以前登录时可以工作,但现在我实现了密码的bcrypt编码。在那之后,一切都不起作用了。我几乎改变了一切。这里我给你我的代码和配置文件。请帮我找出这个问题 app-security.xml <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="htt
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<security:global-method-security secured-annotations="enabled" />
<!-- These beans handle successful login and failure cases of login -->
<bean id="myAuthenticationSuccessHandler" class="com.app.security.handler.MySimpleUrlAuthenticationSuccessHandler" />
<bean id="myAuthenticationFailureHandler" class="com.app.security.handler.MySimpleUrlAuthenticationFailureHandler" />
<!-- Encrypter to encrypt password -->
<bean id="encoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
<security:http auto-config="true"><!--
<security:intercept-url pattern="/home*" access="ROLE_USER" /> -->
<security:intercept-url pattern="/admin" access="ROLE_ADMIN" />
<security:intercept-url pattern="/user" access="ROLE_USER" />
<security:intercept-url pattern="/group-admin" access="ROLE_GROUP_ADMIN" />
<security:intercept-url pattern="/sponsor" access="ROLE_SPONSOR" />
<security:form-login login-page="/login"
default-target-url="/home"
authentication-failure-handler-ref="myAuthenticationFailureHandler"
authentication-success-handler-ref="myAuthenticationSuccessHandler"
/>
<security:logout logout-success-url="/logout" />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:password-encoder ref="encoder" />
<security:jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select user_id as userId, username, password, email_address as emailAddress, active from users where username=?"
authorities-by-username-query="select us.user_id as userId, us.username as username, us.email_address as emailAddress, us.active as active, ur.roles from users us, user_roles ur
where us.role_id = ur.role_id and us.username =? "
/>
</security:authentication-provider>
</security:authentication-manager>
</beans>
User.java
@Entity
@Table(name="USERS")
public class User implements Serializable {
private static final long serialVersionUID = 2158419746939747203L;
@Id
@Column(name="USER_ID")
@GeneratedValue(strategy=GenerationType.IDENTITY)
private long userId;
@Column(name="USERNAME", unique = true, length=45, nullable=false)
@NotEmpty @NotNull @Size(min=6, max=20)
@UniqueCheck(classname="User", fieldname="username")
private String username;
@Column(name="PASSWORD", length=100, nullable=false)
@NotEmpty @NotNull @Size(min=6, max=100)
private String password;
@Column(name="EMAIL_ADDRESS", unique = true, length=100, nullable=false)
@UniqueCheck(classname="User", fieldname="emailAddress")
@NotEmpty
private String emailAddress;
@Column(name="ACTIVE", nullable=false )
private Integer active;
@Column(name="ROLE_ID", nullable=false)
private String roleid;
//getter setters
如果需要任何其他信息,请告诉我。在这两个位置(java文件和xml配置文件)加强编码器…它开始工作 所以, config.xml
bcrypt不是encryption。表示要加密的BCryptPasswordEncoder类我将重复我所说的。bcrypt不是加密。对不起……编码……我说的对吗?不太对。bcrypt是一个,在本实例中用作。
@Entity
@Table(name="USERS")
public class User implements Serializable {
private static final long serialVersionUID = 2158419746939747203L;
@Id
@Column(name="USER_ID")
@GeneratedValue(strategy=GenerationType.IDENTITY)
private long userId;
@Column(name="USERNAME", unique = true, length=45, nullable=false)
@NotEmpty @NotNull @Size(min=6, max=20)
@UniqueCheck(classname="User", fieldname="username")
private String username;
@Column(name="PASSWORD", length=100, nullable=false)
@NotEmpty @NotNull @Size(min=6, max=100)
private String password;
@Column(name="EMAIL_ADDRESS", unique = true, length=100, nullable=false)
@UniqueCheck(classname="User", fieldname="emailAddress")
@NotEmpty
private String emailAddress;
@Column(name="ACTIVE", nullable=false )
private Integer active;
@Column(name="ROLE_ID", nullable=false)
private String roleid;
//getter setters
<bean
id="encoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
<constructor-arg value="12"></constructor-arg>
</bean>
/**
* Encoding data
* bcrypt is a key derivation function which is used in this instance as a cryptographic hash function
* @param data
* @return
*/
public static String bCrypt(String data) {
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(12);
return passwordEncoder.encode(data);
}