密码进行md5加密,并且带salt值。
例如username:name password:pass salt为username
则明文密码为 pass{name} 括弧中为salt对应的username,再对明文密码进行加密
springSecurity配置如下
<authentication-manager alias="authenticationManager" >
<authentication-provider ref="authenticationProvider"> </authentication-provider>
</authentication-manager>
<beans:bean id="authenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<beans:property name="userDetailsService" ref="myUserDetailService" />
<beans:property name="passwordEncoder" ref="passwordEncoder"/>
<beans:property name="saltSource" ref="saltSource"/>
</beans:bean>
<beans:bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.Md5PasswordEncoder"/>
<beans:bean id="saltSource" class="org.springframework.security.authentication.dao.Reflec tionSaltSource">
<beans:property name="userPropertyToUse" value="username"/>
</beans:bean>
authenticationProvider的配置中加入passwordEncoder与saltSource两个属性
到此配置就结束了
同时,springSecurity提供了Md5PasswordEncoder类实现MD5加密
Md5PasswordEncoder md5 = new Md5PasswordEncoder();
String result = md5.encodePassword("user", "user");
System.out.println(result);
md5.encodePassword两个参数中,前一个为password,后一个为salt盐值
同时,网站http://md5jiami.51240.com/ 也提供了在线加密的功能
转载于:https://blog.51cto.com/5148737/1615981