密码进行md5加密,并且带salt值。
例如username:name password:pass salt为username
则明文密码为 pass{name} 括弧中为salt对应的username,再对明文密码进行加密
springSecurity配置如下
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
<authentication-manager alias=
"authenticationManager"
>
<authentication-provider ref=
"authenticationProvider"
> </authentication-provider>
</authentication-manager>
<beans:bean id=
"authenticationProvider"
class
=
"org.springframework.security.authentication.dao.DaoAuthenticationProvider"
>
<beans:property name=
"userDetailsService"
ref=
"myUserDetailService"
/>
<beans:property name=
"passwordEncoder"
ref=
"passwordEncoder"
/>
<beans:property name=
"saltSource"
ref=
"saltSource"
/>
</beans:bean>
<beans:bean id=
"passwordEncoder"
class
=
"org.springframework.security.authentication.encoding.Md5PasswordEncoder"
/>
<beans:bean id=
"saltSource"
class
=
"org.springframework.security.authentication.dao.Reflec tionSaltSource"
>
<beans:property name=
"userPropertyToUse"
value=
"username"
/>
</beans:bean>
|
authenticationProvider的配置中加入passwordEncoder与saltSource两个属性
到此配置就结束了
同时,springSecurity提供了Md5PasswordEncoder类实现MD5加密
|
1
2
3
|
Md5PasswordEncoder md5 =
new
Md5PasswordEncoder();
String result = md5.encodePassword(
"user"
,
"user"
);
System.out.println(result);
|
md5.encodePassword两个参数中,前一个为password,后一个为salt盐值
同时,网站http://md5jiami.51240.com/ 也提供了在线加密的功能
本文转自布拉君君 51CTO博客,原文链接:http://blog.51cto.com/5148737/1615981,如需转载请自行联系原作者
