Spring安全性中的BCryptPasswordEncoder

时间:2016-12-03 05:45:04

标签: java spring spring-mvc spring-security

我正在使用 BCryptPasswordEncoder 在春季处理身份验证模块并面临身份验证失败,如下所示 我通过管理员帐户成功登录并创建虚拟用户。然后我通过虚拟用户成功登录并注销。 检查两个帐户用户(管理员,用户)后,当我尝试通过任何用户登录时,我收到登录失败错误。

注意:如果我不使用任何密码加密方案,那么我的模块工作正常。

    

<security:http auto-config="true" use-expressions="false">
    <security:form-login login-page="/login" login-processing-url="/login" username-parameter="custom_username" 
        password-parameter="custom_password"
        default-target-url="/index"
        always-use-default-target="true"
        authentication-failure-url="/login?error=true" />

    <security:logout logout-url="/logout" logout-success-url="/login?logout=true"/>

    <security:intercept-url pattern="/admin/*" access="ROLE_ADMIN"/>
    <security:intercept-url pattern="/hrm/*" access="ROLE_HRM, ROLE_ADMIN"/>
    <security:intercept-url pattern="/leave/*" access="ROLE_HRM, ROLE_USER, ROLE_ADMIN"/>
    <security:intercept-url pattern="/index**" access="ROLE_HRM, ROLE_USER, ROLE_ADMIN"/>
    <security:intercept-url pattern="/**" access="ROLE_ANONYMOUS, ROLE_HRM, ROLE_USER, ROLE_ADMIN"/>
</security:http>

<bean id="encoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">        
    <constructor-arg name="strength" value="12" />
</bean>

<security:authentication-manager>
    <security:authentication-provider>

        <security:password-encoder  ref="encoder"/>

        <security:jdbc-user-service data-source-ref="dataSource"
            authorities-by-username-query="select app_user.username, role.name from app_user
                                           join app_user_role on app_user.id = app_user_role.users_id
                                           join role on app_user_role.roles_id = role.id
                                           where app_user.username = ?"
            users-by-username-query="select username,password,enabled from app_user where username = ?" />

    </security:authentication-provider>
</security:authentication-manager>

0 个答案:

没有答案