我已成功从acegi插件迁移到Spring Security插件。创建新用户可以正常工作。我可以登录。
但是在数据库中,我使用acegi的authenticateService.encodePassword创建了很多用户。所以我无法使用那些旧的用户名和密码登录。我猜它是MD5或SHA1编码算法的问题。
只是想知道如何在不重置密码的情况下使其工作。我尝试设置grails.plugins.springsecurity.password.algorithm="MD5",但没有运气。
有什么建议吗?
package auth
import java.util.Set;
import auth.Role
/**
* User domain class.
*/
class User implements Serializable {
static transients = ['pass','getAuthorities']
static hasMany = [authorities: Role]
static belongsTo = Role
transient springSecurityService
static mapping = {
table 'users' // USER not a valid table name in oracle
}
/** Username */
String username
/** User Real Name*/
String userRealName
/** MD5 Password */
String passwd
String password
/** enabled */
boolean enabled
String email
boolean emailShow
/** description */
String description = ''
/** plain password to create a MD5 password */
String pass = '[secret]'
boolean accountExpired
boolean accountLocked
boolean passwordExpired
String toString() {
return userRealName
}
static constraints = {
username(blank: false, unique: true)
userRealName(blank: false)
passwd(blank: false)
password(blank: false)
enabled()
description(nullable:true)
}
/*Set<Role> getAuthorities() {
Role.findAllByUser(this).collect { it.role } as Set
}*/
def beforeInsert() {
encodePassword()
}
def beforeUpdate() {
if (isDirty('password')) {
encodePassword()
}
}
protected void encodePassword() {
password = springSecurityService.encodePassword(password,null)
}
}
答案 0 :(得分:0)
尝试添加
grails.plugins.springsecurity.password.algorithm='SHA-512'
in
config.groovy
答案 1 :(得分:0)
除了声明正确的算法外,您还必须实际调用密码编码器。在我的User课程中,我这样做:
class User {
def springSecurityService
static transients = ['springSecurityService', 'passwordConfirm']
String password
String passwordConfirm
def beforeInsert() {
encodePassword()
}
def beforeUpdate() {
if (isDirty('password')) {
encodePassword()
}
}
protected void encodePassword() {
password = springSecurityService.encodePassword(password, null)
passwordConfirm = springSecurityService.encodePassword(passwordConfirm, null)
}
}