在spring5+中,不推荐使用加密类型sha-512。在我的api项目中,我使用的是spring5+,我必须使用sha-512,因为db是旧类型的密码加密。我的编码器方法需要返回一个自定义类对象,该对象将用户电子邮件作为salt编码到sha-512。我正在使用自定义用户表。你知道怎么处理这种情况吗?谢谢你们的帮助。我的 Spring 安全课:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final CustomUserDetailsService customUserDetailsService;
@Autowired
public SecurityConfig(CustomUserDetailsService customUserDetailsService{this.customUserDetailsService=customUserDetailsService;}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/api/**").authenticated()
.and()
.httpBasic()
.and()
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
authProvider.setUserDetailsService(customUserDetailsService);
authProvider.setPasswordEncoder(encoder());
return authProvider;
}
@Bean
public DelegatingPasswordEncoder encoder() {//what i return here for SHA-512?;}
}
暂无答案!
目前还没有任何答案,快来回答吧!