继承如下类
extends AbstractUserDetailsAuthenticationProvider
主要实现代码
/**
* 原文解密
* @return
*/
private String decryptAES(String s) {
// 构建前端对应解密AES 因子
AES aes = new AES(Mode.CFB, Padding.NoPadding,
new SecretKeySpec("wwwwwwwwwwwwwwwwww".getBytes(), "AES"),
new IvParameterSpec("wwwwwwwwwwwwwwwwww".getBytes()));
// 获取请求密码并解密
return aes.decryptStr(s);
}
@Override
@SuppressWarnings("deprecation")
protected void additionalAuthenticationChecks(UserDetails userDetails,
UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
if (authentication.getCredentials() == null) {
this.logger.debug("Failed to authenticate since no credentials provided");
throw new BadCredentialsException(this.messages
.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
}
//主要解密代码在这
String presentedPassword = authentication.getCredentials().toString();
String decryptAES = decryptAES(presentedPassword);
if (!this.passwordEncoder.matches(decryptAES, userDetails.getPassword())) {
this.logger.debug("Failed to authenticate since password does not match stored value");
throw new BadCredentialsException(this.messages
.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
}
}