我一整天都在尝试谷歌,如何在通过 Spring 3 security
进行身份验证期间向我的散列密码添加 salt
并使其协同工作。不加盐就可以正常工作。
<!-- authentication from database -->
<security:authentication-manager>
<security:authentication-provider>
<security:password-encoder hash='md5'/>
<security:jdbc-user-service
data-source-ref='dataSource'
users-by-username-query="
select username,password, salt
from users where username=?"
authorities-by-username-query="
select u.username, ur.authority from users u, user_roles ur
where u.user_id = ur.user_id and u.username =? " />
</security:authentication-provider>
</security:authentication-manager>
如果我想创建加盐密码,只需通过 user.setPassword(md5(somePassword+someSalt));
感谢您的建议。
最佳答案
关于java - 使用 spring 3 security 对密码加盐,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/18345647/