我正在尝试一整天查找或谷歌,如何通过salt在身份验证期间将Spring 3 security添加到我的哈希密码,并使其全部协同工作。没有盐就可以了。
<!-- authentication from database -->
<security:authentication-manager>
<security:authentication-provider>
<security:password-encoder hash='md5'/>
<security:jdbc-user-service
data-source-ref='dataSource'
users-by-username-query="
select username,password, salt
from users where username=?"
authorities-by-username-query="
select u.username, ur.authority from users u, user_roles ur
where u.user_id = ur.user_id and u.username =? " />
</security:authentication-provider>
</security:authentication-manager>
如果我想制作咸味的密码,只需user.setPassword(md5(somePassword+someSalt));就可以了。感谢您的建议。
答案 0 :(得分:1)