我正在尝试将 bcrypt 配置为 Grails 2.1.1 和 spring-security-core 1.2.7.3 中的加密算法,遵循 instructions 。在 Config.groovy 中:
grails.plugins.springsecurity.password.algorithm = 'bcrypt'
grails.plugins.springsecurity.password.bcrypt.logrounds = 100
我以前使用过盐并且工作正常,但为了这一更改,我将 User.encodePassword() 编辑为单参数版本。
当我在 Bootstrap.groovy 中创建新用户并尝试保存它时:
testUser = new User(username: '<a href="https://stackoverflow.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="197778747c597c61787469757c377a7674" rel="noreferrer noopener nofollow">[email protected]</a>', enabled: true, password: 'password').save(flush: true)
我收到此错误:
Message: Missing salt rounds
Line | Method
->> 678 | hashpw in org.mindrot.jbcrypt.BCrypt
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 44 | encodePassword in grails.plugins.springsecurity.BCryptPasswordEncoder
| 87 | encodePassword . . . . . . . in grails.plugins.springsecurity.SpringSecurityService
| 42 | encodePassword in com.madeupname.app.User
| 32 | beforeInsert . . . . . . . . in ''
| 46 | onApplicationEvent in org.grails.datastore.mapping.engine.event.AbstractPersistenceEventListener
| 27 | doCall . . . . . . . . . . . in BootStrap$_closure1_closure3_closure4
| 314 | execute in grails.util.Environment$EnvironmentBlockEvaluator
| 295 | executeForEnvironment . . . in grails.util.Environment
| 270 | executeForCurrentEnvironment in ''
| 334 | innerRun . . . . . . . . . . in java.util.concurrent.FutureTask$Sync
| 166 | run in java.util.concurrent.FutureTask
| 1110 | runWorker . . . . . . . . . in java.util.concurrent.ThreadPoolExecutor
| 603 | run in java.util.concurrent.ThreadPoolExecutor$Worker
^ 722 | run . . . . . . . . . . . . in java.lang.Thread
知道我可能错过了什么吗?
最佳答案
事实证明,对于此实现,您必须指定 4 到 31 之间的值。我已经更新了文档。
关于grails - 缺少盐轮错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/17385297/