首先看代码:
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="myUserDetailsService">
<password-encoder ref="myPasswordEncode">
<salt-source user-property="salt"/>
</password-encoder>
</authentication-provider>
</authentication-manager>
<beans:bean id="myPasswordEncode" class="pw.bany.security.MyPasswordEncode">
<beans:constructor-arg name="encode" value="md5"></beans:constructor-arg>
</beans:bean>
如果我们要自己控制密码权限的验证,可以在配置中使用<password-encoder ref="myPasswordEncode">来指定自己的密码验证类,该类继承自MessageDigestPasswordEncoder。需要我们复写了public boolean isPasswordValid(String savePass, String submitPass, Object salt)方法,如果返回true,