spring引导中的登录错误:编码的密码看起来不像BCrypt
我在idea、register中运行了我的spring boot项目,然后在登录时出现了问题。它重定向到“localhost:8080/login?error”,并在idea控制台中显示以下内容 编码的密码看起来不像BCrypt 我在stackoverflow中搜索了答案,看到了这个。但它对我来说似乎没什么用处,因为我的配置扩展了WebSecurity配置适配器而不是授权服务器ConfigureRadapter。我的配置类是spring引导中的登录错误:编码的密码看起来不像BCrypt,spring,spring-boot,spring-data-jpa,Spring,Spring Boot,Spring Data Jpa,我在idea、register中运行了我的spring boot项目,然后在登录时出现了问题。它重定向到“localhost:8080/login?error”,并在idea控制台中显示以下内容 编码的密码看起来不像BCrypt 我在stackoverflow中搜索了答案,看到了这个。但它对我来说似乎没什么用处,因为我的配置扩展了WebSecurity配置适配器而不是授权服务器ConfigureRadapter。我的配置类是 @Configuration @EnableWebSe
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private WorkersRepository workersRepository;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/submit").access("hasRole('WORKER')")
.anyRequest().permitAll()
.and()
.formLogin()
.loginPage("/login")
.and()
.logout()
.logoutSuccessUrl("/")
.and()
.rememberMe()
.tokenValiditySeconds(4838400)
.key("workerKey");
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(new UserDetailsService() {
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
Worker worker = workersRepository.findByUsername(username);
return workersRepository.findByUsername(username);
}
}).passwordEncoder(new BCryptPasswordEncoder()).and()
.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
.withUser("admin").password("123456").roles("ADMIN","WORKER");
}
}
@Entity
public class Worker implements UserDetails {
private static final long serialversionUID = 1L;
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@NotNull
@Size(min = 5, max = 16, message = "{username.size}")
private String username;
@NotNull
@Size(min = 2, max = 30, message = "{firstName.size}")
private String firstname;
@NotNull
@Size(min = 2, max = 30, message = "{lastName.size")
private String lastname;
@NotNull
@Size(min = 5, max = 25,message = "{password.size}")
private String password;
@NotNull
@Size(min = 2, max = 30, message = "{profession,size}")
private String profession;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getFirstname() {
return firstname;
}
public void setFirstname(String firstname) {
this.firstname = firstname;
}
public String getLastname() {
return lastname;
}
public void setLastname(String lastname) {
this.lastname = lastname;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getProfession() {
return profession;
}
public void setProfession(String profession) {
this.profession = profession;
}
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
//UserDetails methods
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return Arrays.asList(new SimpleGrantedAuthority("WORKER"));
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}
@实体
公共类工作程序实现UserDetails{
私有静态最终长serialversionUID=1L;
@身份证
@GeneratedValue(策略=GenerationType.AUTO)
私人长id;
@NotNull
@大小(最小值=5,最大值=16,消息=“{username.Size}”)
私有字符串用户名;
@NotNull
@大小(最小值=2,最大值=30,消息=“{firstName.Size}”)
私有字符串名;
@NotNull
@大小(最小值=2,最大值=30,消息=“{lastName.Size”)
私有字符串lastname;
@NotNull
@大小(最小值=5,最大值=25,消息=“{password.Size}”)
私有字符串密码;
@NotNull
@大小(最小值=2,最大值=30,消息=“{profession,Size}”)
私人弦乐专业;
公共字符串getUsername(){
返回用户名;
}
public void setUsername(字符串用户名){
this.username=用户名;
}
公共字符串getFirstname(){
返回名字;
}
public void setFirstname(字符串firstname){
this.firstname=firstname;
}
公共字符串getLastname(){
返回姓氏;
}
public void setLastname(字符串lastname){
this.lastname=lastname;
}
公共字符串getPassword(){
返回密码;
}
public void setPassword(字符串密码){
this.password=密码;
}
公共字符串getProfession(){
回归职业;
}
公共职业(字符串职业){
这个职业=职业;
}
公共长getId(){
返回id;
}
公共无效集合id(长id){
this.id=id;
}
//用户详细信息方法
@凌驾
public CollectionBCrypt的密码字段应至少为60个字符,因为结果哈希值为60个字符
@Size(min = 5, max = 60,message = "{password.size}")
private String password;
我也遇到过同样的问题,解决方案很简单,首先在浏览器中打开在线Bcrypt ecrypter站点:
首先在这里尝试一下。Java默认使用Brcypt中的12轮数。您必须使用12!而不是另一个数字。我已经解决了这个问题。由于我使用BCryptPasswordEncoder对密码进行了编码,我应该将密码存储在此表单中。因此,解决方案是添加
String encodedPassword = new BCryptPasswordEncoder().encode(worker.getPassword());
worker.setPassword(encodedPassword);
进入“/注册”post请求
@RequestMapping(value = "/register", method = RequestMethod.POST)
public String registrationProcessing(@Valid Worker worker, Errors errors, RedirectAttributes model) {
if(errors.hasErrors()) {
return "registerForm";
};
String encodedPassword = new BCryptPasswordEncoder().encode(worker.getPassword());
worker.setPassword(encodedPassword);
workersRepository.save(worker);
model.addAttribute("username", worker.getUsername());
model.addFlashAttribute("worker", worker);
return "redirect:/";
}
您是否也更改了db列?(varchar(60))我在idea中运行它并使用嵌入式h2数据库。我打开h2控制台但找不到嵌入式数据库url,因此我无法查看数据库并更改它。
@RequestMapping(value = "/register", method = RequestMethod.POST)
public String registrationProcessing(@Valid Worker worker, Errors errors, RedirectAttributes model) {
if(errors.hasErrors()) {
return "registerForm";
};
String encodedPassword = new BCryptPasswordEncoder().encode(worker.getPassword());
worker.setPassword(encodedPassword);
workersRepository.save(worker);
model.addAttribute("username", worker.getUsername());
model.addFlashAttribute("worker", worker);
return "redirect:/";
}