/**
 * Exposes the application's {@link PasswordEncoder} bean.
 * <p>
 * NOTE(review): the encoder returned here is {@code Md5PasswordEncoder}. MD5 is a fast,
 * general-purpose digest, so password hashes produced with it are cheap to brute-force if the
 * credential store is ever disclosed. An adaptive, self-salting algorithm such as bcrypt is the
 * better choice for password storage. Switching encoders also means re-hashing the stored
 * credentials, so plan the migration rather than swapping the bean in place.
 *
 * @return a new MD5-based password encoder
 */
@Bean
public PasswordEncoder passwordEncoder() {
    PasswordEncoder md5Encoder = new Md5PasswordEncoder();
    return md5Encoder;
}
/**
 * Encodes a raw password with whichever encoder is configured.
 * <p>
 * When {@code usingDeprecatedPasswordEncoder()} reports true, the call goes to the deprecated,
 * externally salted
 * {@link org.springframework.security.authentication.encoding.PasswordEncoder PasswordEncoder}
 * together with {@code salt}. Otherwise it goes to the single-argument
 * {@code encodePassword(String)} and {@code salt} is not used.
 *
 * @param rawPassword the unencoded password
 * @param salt the optional salt; only passed on when the deprecated encoder is in use
 * @return the encoded password
 * @deprecated the new {@link org.springframework.security.crypto.password.PasswordEncoder PasswordEncoder} handles salting internally, this will be removed in 4.2
 */
@Deprecated
protected String encodePass(String rawPassword, Object salt) {
    if (!usingDeprecatedPasswordEncoder()) {
        // New-style encoder: salting is internal, so the caller's salt is dropped.
        return encodePassword(rawPassword);
    }
    return passwordEncoder.encodePassword(rawPassword, salt);
}
/**
 * Checks a raw password against its encoded form with whichever encoder is configured.
 * <p>
 * When {@code usingDeprecatedPasswordEncoder()} reports true, the check is delegated to the
 * deprecated, externally salted
 * {@link org.springframework.security.authentication.encoding.PasswordEncoder PasswordEncoder}
 * together with {@code salt}. Otherwise it goes to the two-argument {@code isPasswordValid}
 * and {@code salt} is not used.
 *
 * @param rawPassword the unencoded password
 * @param encodedPassword the encoded password to compare rawPassword against
 * @param salt the optional salt; only passed on when the deprecated encoder is in use
 * @return the result of the delegated validity check
 * @deprecated the new {@link org.springframework.security.crypto.password.PasswordEncoder PasswordEncoder} handles salting internally, this will be removed in 4.2
 */
@Deprecated
protected boolean isPassValid(String rawPassword, String encodedPassword, Object salt) {
    if (!usingDeprecatedPasswordEncoder()) {
        // NOTE(review): argument order here is (raw, encoded), the reverse of the deprecated
        // call below; confirm it matches the two-argument overload's parameter order.
        return isPasswordValid(rawPassword, encodedPassword);
    }
    return passwordEncoder.isPasswordValid(encodedPassword, rawPassword, salt);
}
/**
 * Seeds the repository with a fixed account when no user exists under {@code TEST_USER_ID}.
 * <p>
 * The password is encoded with a {@code ShaPasswordEncoder}: strength 256 when the
 * {@code PROP_CONTROLLER_USER_PASSWORD_SHA256} controller property is true, otherwise the
 * encoder's no-argument default. The salt is taken from the user's {@code username} property
 * through a {@code ReflectionSaltSource}.
 * <p>
 * NOTE(review): the seeded account has a hard-coded, trivially guessable password. Confirm this
 * initializer only runs in a test context. If it can run in a deployed instance, the account is
 * a known credential and should be removed or disabled.
 * NOTE(review): the no-argument {@code ShaPasswordEncoder} presumably selects SHA-1, so confirm
 * that for the Spring Security version in use. Either SHA variant is a fast digest, and a
 * username-derived salt is predictable.
 */
@PostConstruct
public void init() {
    ReflectionSaltSource usernameSalt = new ReflectionSaltSource();
    usernameSalt.setUserPropertyToUse("username");

    boolean useEnhancedEncoding = config.getControllerProperties()
            .getPropertyBoolean(ControllerConstants.PROP_CONTROLLER_USER_PASSWORD_SHA256);
    ShaPasswordEncoder shaEncoder;
    if (useEnhancedEncoding) {
        shaEncoder = new ShaPasswordEncoder(256);
    } else {
        shaEncoder = new ShaPasswordEncoder();
    }

    // Nothing to do when the account is already present.
    if (userRepository.findOneByUserId(TEST_USER_ID) != null) {
        return;
    }

    User seeded = new User();
    seeded.setUserId(TEST_USER_ID);
    seeded.setUserName("TEST_USER");
    seeded.setEmail("TEST_USER@nhn.com");
    seeded.setPassword("123");
    seeded.setRole(Role.USER);

    // The salt is resolved from the wrapped user, then the plain password is replaced by its
    // encoded form before the entity is saved.
    SecuredUser securedUser = new SecuredUser(seeded, null);
    Object salt = usernameSalt.getSalt(securedUser);
    String encodedPassword = shaEncoder.encodePassword(seeded.getPassword(), salt);
    seeded.setPassword(encodedPassword);
    userRepository.save(seeded);
}
/**
 * Encodes {@code rawPassword} with a freshly created {@code Md5PasswordEncoder}, passing
 * {@code salt} through to it.
 * <p>
 * NOTE(review): MD5 is a fast digest and is not suitable for protecting stored passwords. Treat
 * this variant as legacy-compatibility only, and prefer an adaptive, self-salting algorithm
 * such as bcrypt for new credentials.
 *
 * @param rawPassword the unencoded password
 * @param salt the salt handed to the encoder
 * @return the encoded password
 */
@Override
public String encode(String rawPassword, String salt) {
    return new Md5PasswordEncoder().encodePassword(rawPassword, salt);
}
}, // closes the enclosing declaration, which opens outside this excerpt
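/**
 * Exercises both outcomes of {@code DefaultLoginPlugin.validateUser}.
 * <p>
 * First the stored value is the raw password rather than its encoding, which must be rejected
 * with {@code BadCredentialsException}. Then the stored value is the properly encoded
 * password, which must be accepted without an exception.
 */
@Test
public void testValidateUser() {
    DefaultLoginPlugin plugin = new DefaultLoginPlugin();
    Object salt = null;

    // Negative path. The catch block used to assert true and nothing checked that the
    // exception was raised, so the test also passed when a bad credential was accepted.
    // Recording the rejection makes that case fail.
    boolean rejected = false;
    try {
        plugin.validateUser("testUserId", "123", "123", passwordEncoder, salt);
    } catch (BadCredentialsException e) {
        rejected = true;
    }
    assertTrue(rejected);

    // Positive path: any exception thrown here fails the test.
    plugin.validateUser("testUserId", "123", passwordEncoder.encodePassword("123", salt), passwordEncoder, salt);
}
} // closes the enclosing type, whose header is outside this excerpt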
/**
 * Checks a raw password against a previously encoded one.
 * <p>
 * The raw password is encoded together with the salt, and the result is compared with
 * {@code encPass} through {@code PasswordEncoderUtils.equals}. A {@code null} {@code encPass}
 * is compared as the literal text {@code "null"} rather than causing an exception.
 *
 * @param encPass previously encoded password
 * @param rawPass plain text password
 * @param salt salt to mix into password
 * @return true if encoding {@code rawPass} with {@code salt} yields {@code encPass}, false otherwise
 */
public boolean isPasswordValid(String encPass, String rawPass, Object salt) {
    String expected = String.valueOf(encPass);
    String candidate = encodePassword(rawPass, salt);
    // NOTE(review): PasswordEncoderUtils.equals is presumably a constant-time comparison;
    // confirm, since a short-circuiting compare here would leak timing information.
    return PasswordEncoderUtils.equals(expected, candidate);
}
/**
 * Validates a raw password by re-encoding it with the salt and comparing the result with the
 * previously encoded value.
 * <p>
 * The comparison goes through {@code PasswordEncoderUtils.equals}. A {@code null}
 * {@code encPass} takes part in the comparison as the text {@code "null"}.
 *
 * @param encPass previously encoded password
 * @param rawPass plain text password
 * @param salt salt to mix into password
 * @return true when the freshly encoded value equals {@code encPass}, false otherwise
 */
public boolean isPasswordValid(String encPass, String rawPass, Object salt) {
    // Arguments are evaluated left to right: null-safe text of the stored value first, then the
    // encoding of the candidate password.
    return PasswordEncoderUtils.equals(String.valueOf(encPass), encodePassword(rawPass, salt));
}
/**
 * Generates an encoded password from a raw password, optionally using a salt.
 * <p>
 * Support for the externally salted
 * {@link org.springframework.security.authentication.encoding.PasswordEncoder PasswordEncoder}
 * is being deprecated, following Spring Security, to move towards self-salting hashing
 * algorithms such as bcrypt. Bcrypt generates a random salt per password, which protects
 * against rainbow table attacks, and it is intentionally expensive, which further guards
 * against brute-force attempts on hashed passwords. Letting the algorithm handle the salt
 * internally also reduces code complexity and dependencies such as {@link SaltSource}.
 *
 * @param rawPassword the unencoded password
 * @param salt the optional salt; only passed on when the deprecated encoder is in use
 * @return the encoded password
 * @deprecated the new {@link PasswordEncoder} handles salting internally, this will be removed in 4.2
 */
@Deprecated
protected String encodePassword(String rawPassword, Object salt) {
    if (!usingDeprecatedPasswordEncoder()) {
        // Self-salting encoder configured: the external salt is not used.
        return encodePassword(rawPassword);
    }
    return passwordEncoder.encodePassword(rawPassword, salt);
}
/**
 * Determines whether a password is valid by comparing it with the encoded string, optionally
 * using a salt.
 * <p>
 * Support for the externally salted
 * {@link org.springframework.security.authentication.encoding.PasswordEncoder PasswordEncoder}
 * is being deprecated, following Spring Security, to move towards self-salting hashing
 * algorithms such as bcrypt. Bcrypt generates a random salt per password, which protects
 * against rainbow table attacks, and it is intentionally expensive, which further guards
 * against brute-force attempts on hashed passwords. Letting the algorithm handle the salt
 * internally also reduces code complexity and dependencies such as {@link SaltSource}.
 *
 * @param encodedPassword the encoded password
 * @param rawPassword the unencoded password
 * @param salt the optional salt; only passed on when the deprecated encoder is in use
 * @return true if rawPassword matches the encodedPassword, false otherwise
 * @deprecated the new {@link PasswordEncoder} handles salting internally, this will be removed in 4.2
 */
@Deprecated
protected boolean isPasswordValid(String encodedPassword, String rawPassword, Object salt) {
    if (!usingDeprecatedPasswordEncoder()) {
        // Self-salting encoder configured: the external salt is not used.
        return isPasswordValid(encodedPassword, rawPassword);
    }
    return passwordEncoder.isPasswordValid(encodedPassword, rawPassword, salt);
}
/**
 * Registers the {@link PasswordEncoder} used by this configuration.
 * <p>
 * NOTE(review): the bean is an {@code Md5PasswordEncoder}. MD5 is fast to compute, which makes
 * offline guessing against leaked hashes inexpensive. For password storage prefer an adaptive,
 * self-salting algorithm such as bcrypt, and re-hash existing credentials as part of the
 * migration, because hashes produced by the two encoders are not interchangeable.
 *
 * @return a new MD5-based password encoder
 */
@Bean
public PasswordEncoder passwordEncoder() {
    PasswordEncoder encoder = new Md5PasswordEncoder();
    return encoder;
}
/**
 * Authenticates a user and issues a JWT.
 * <p>
 * The supplied password is encoded with a {@code null} salt, and the encoded value is handed
 * to the authentication manager as the credential. On success the security context is
 * populated, a token is generated for the loaded user details, and the login time and login
 * log are updated. An {@code AuthenticationException} is logged by message only.
 * <p>
 * NOTE(review): encoding with a {@code null} salt means identical passwords yield identical
 * stored values; confirm which encoder is wired in and whether that is acceptable.
 *
 * @param username the login name
 * @param password the password as received from the client
 * @return the generated token, or {@code null} if authentication failed before a token was generated
 */
@Override
public String login(String username, String password) {
    String token = null;
    // The password is expected to arrive already encrypted by the client.
    String encodedCredential = passwordEncoder.encodePassword(password, null);
    UsernamePasswordAuthenticationToken loginRequest =
            new UsernamePasswordAuthenticationToken(username, encodedCredential);
    try {
        Authentication authenticated = authenticationManager.authenticate(loginRequest);
        SecurityContextHolder.getContext().setAuthentication(authenticated);
        UserDetails principal = userDetailsService.loadUserByUsername(username);
        token = jwtTokenUtil.generateToken(principal);
        updateLoginTimeByUsername(username);
        insertLoginLog(username);
    } catch (AuthenticationException e) {
        // Only the exception message is logged: no stack trace and no credential material.
        LOGGER.warn("登录异常:{}", e.getMessage());
    }
    return token;
}
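/**
 * Validates that the signature is the same as the secret.
 * <p>
 * When an encoder is configured, the check is delegated to it with the secret as the encoded
 * value, the signature as the raw value, and the configured salt. Without an encoder the two
 * strings are compared directly. That comparison does not stop at the first differing
 * character, so its duration does not reveal how much of a guessed signature was correct. A
 * {@code null} signature or secret is treated as a mismatch.
 *
 * @param signatureBaseString The signature base string (unimportant, ignored).
 * @param signature The signature.
 * @throws InvalidSignatureException If the signature is not the same as the secret.
 */
public void verify(String signatureBaseString, String signature) throws InvalidSignatureException {
    boolean valid;
    if (this.encoder != null) {
        valid = this.encoder.isPasswordValid(this.secret, signature, this.salt);
    } else if (signature == null || this.secret == null) {
        // Previously a null signature raised NullPointerException instead of a signature failure.
        valid = false;
    } else {
        // Accumulate differences over the common prefix instead of returning early. A length
        // mismatch is folded into the same accumulator.
        int diff = signature.length() ^ this.secret.length();
        int common = Math.min(signature.length(), this.secret.length());
        for (int i = 0; i < common; i++) {
            diff |= signature.charAt(i) ^ this.secret.charAt(i);
        }
        valid = diff == 0;
    }
    if (!valid) {
        throw new InvalidSignatureException("Invalid signature for signature method " + getName());
    }
}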
/**
 * Wires the user details service into the authentication manager and sets the encoder used to
 * check submitted passwords.
 * <p>
 * NOTE(review): the encoder is {@code Md5PasswordEncoder}. MD5 is a fast digest, so stored
 * hashes offer little resistance to offline guessing. Prefer an adaptive, self-salting
 * algorithm such as bcrypt, and migrate stored credentials when changing it.
 *
 * @param auth the builder for the authentication manager
 * @throws Exception if the builder rejects the configuration
 */
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    Md5PasswordEncoder md5Encoder = new Md5PasswordEncoder();
    auth.userDetailsService(userDetailsService()).passwordEncoder(md5Encoder);
}
/**
 * Registers a new administrator account.
 * <p>
 * The request fields are copied onto a new {@code UmsAdmin}, the creation time is set to now
 * and the status to 1. If a user with the same username already exists, nothing is inserted.
 * Otherwise the password is replaced by its encoded form and the record is inserted.
 * <p>
 * NOTE(review): the password is encoded with a {@code null} salt, and the original local name
 * ({@code md5Password}) suggests an MD5 encoder; confirm the wired encoder. Unsalted fast
 * digests are a weak choice for stored passwords.
 * NOTE(review): the uniqueness check and the insert are separate statements, so two concurrent
 * registrations could both pass the check; a unique constraint on the username column would
 * close that gap, so confirm one exists.
 *
 * @param umsAdminParam the registration request
 * @return the inserted administrator, or {@code null} when the username is already taken
 */
@Override
public UmsAdmin register(UmsAdminParam umsAdminParam) {
    UmsAdmin newAdmin = new UmsAdmin();
    BeanUtils.copyProperties(umsAdminParam, newAdmin);
    newAdmin.setCreateTime(new Date());
    newAdmin.setStatus(1);

    // Look for an existing user with the same username.
    UmsAdminExample sameUsername = new UmsAdminExample();
    sameUsername.createCriteria().andUsernameEqualTo(newAdmin.getUsername());
    List<UmsAdmin> existing = adminMapper.selectByExample(sameUsername);
    if (!existing.isEmpty()) {
        return null;
    }

    // Encode the password before it is persisted.
    String encodedPassword = passwordEncoder.encodePassword(newAdmin.getPassword(), null);
    newAdmin.setPassword(encodedPassword);
    adminMapper.insert(newAdmin);
    return newAdmin;
}
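/**
 * Authenticates a user by comparing the supplied password locally against the values of the
 * directory entry's password attribute.
 * <p>
 * Each {@code byte[]} value of the attribute is tried until one matches. When the configured
 * encoder is a {@code DynamicPasswordComparator}, the comparison is delegated to it. Otherwise
 * the password is encoded with a {@code null} salt and the UTF-8 bytes of the result are
 * compared with the stored value.
 *
 * @param user the directory entry of the user being authenticated
 * @param password the password supplied by the user
 * @return {@code user}, when one of the stored values matches
 * @throws AuthenticationCredentialsNotFoundException if the password attribute is absent or has no values
 * @throws BadCredentialsException if no stored value matches or the attribute cannot be read
 */
public DirContextOperations localCompareAuthenticate(DirContextOperations user, String password) {
    boolean match = false;
    try {
        Attributes attributes = user.getAttributes();
        Attribute attr = attributes.get(getPasswordAttributeName());
        // Attributes.get returns null for an absent attribute. The original dereferenced it
        // before its null check, so a missing attribute caused a NullPointerException instead
        // of an authentication failure.
        if (attr == null || attr.size() == 0) {
            throw new AuthenticationCredentialsNotFoundException("Missing "+getPasswordAttributeName()+" attribute.");
        }
        for (int i = 0; !match && i < attr.size(); i++) {
            Object valObject = attr.get(i);
            if (!(valObject instanceof byte[])) {
                // instanceof is false for null, so null and non-binary values are skipped.
                continue;
            }
            byte[] stored = (byte[]) valObject;
            if (passwordEncoder instanceof DynamicPasswordComparator) {
                // NOTE(review): getBytes() uses the platform default charset while the other
                // branch encodes as UTF-8; confirm which encoding the comparator expects.
                byte[] received = password.getBytes();
                match = ((DynamicPasswordComparator) passwordEncoder).comparePasswords(received, stored);
            } else {
                String encodedPassword = passwordEncoder.encodePassword(password, null);
                byte[] passwordBytes = Utf8.encode(encodedPassword);
                // MessageDigest.isEqual is used so the comparison time does not depend on
                // where the first differing byte is.
                match = java.security.MessageDigest.isEqual(passwordBytes, stored);
            }
        }
    } catch (NamingException e) {
        throw new BadCredentialsException("Bad credentials", e);
    }
    if (!match) {
        throw new BadCredentialsException("Bad credentials");
    }
    return user;
}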
/**
 * Resets a member's password after checking a verification code.
 * <p>
 * The member is looked up by phone number. If no member is found, or if
 * {@code verifyAuthCode} rejects the code for that number, a failure result is returned.
 * Otherwise the first matching member's password is replaced by the encoded form of the new
 * password and the record is updated selectively by primary key.
 * <p>
 * NOTE(review): the account lookup runs before the code check and has its own message, so
 * responses tell registered numbers apart from unregistered ones. Consider a single generic
 * failure response. Also confirm that {@code verifyAuthCode} limits attempts and expires codes.
 * NOTE(review): the password is encoded with a {@code null} salt; confirm the wired encoder is
 * suitable for stored passwords.
 *
 * @param telephone the member's phone number
 * @param password the new password
 * @param authCode the verification code submitted with the request
 * @return a failure result when the account is unknown or the code is rejected, otherwise a success result
 */
@Override
public CommonResult updatePassword(String telephone, String password, String authCode) {
    UmsMemberExample byPhone = new UmsMemberExample();
    byPhone.createCriteria().andPhoneEqualTo(telephone);
    List<UmsMember> matches = memberMapper.selectByExample(byPhone);
    if (CollectionUtils.isEmpty(matches)) {
        return new CommonResult().failed("该账号不存在");
    }

    // Check the verification code.
    boolean codeAccepted = verifyAuthCode(authCode, telephone);
    if (!codeAccepted) {
        return new CommonResult().failed("验证码错误");
    }

    UmsMember member = matches.get(0);
    String encodedPassword = passwordEncoder.encodePassword(password, null);
    member.setPassword(encodedPassword);
    memberMapper.updateByPrimaryKeySelective(member);
    return new CommonResult().success("密码修改成功", null);
}
localCompareAuthenticate(user, password); } else { String encodedPassword = passwordEncoder.encodePassword(password, null); byte[] passwordBytes = Utf8.encode(encodedPassword); searchAuthenticate(user, passwordBytes, ldapTemplate);
// Look up the forgot-password token record by the encoded form of the raw token. The raw value
// is encoded with the salt first, so readToken receives the encoded value, never rawToken.
fpst = customerForgotPasswordSecurityTokenDao.readToken(passwordEncoder.encodePassword(rawToken, salt));
// Populate the member record from the request values.
umsMember.setUsername(username);
umsMember.setPhone(telephone);
// The password field is set to the encoded form, not the raw value.
// NOTE(review): the salt argument is null; confirm the wired encoder is appropriate for stored
// passwords (an adaptive, self-salting algorithm such as bcrypt is preferable).
umsMember.setPassword(passwordEncoder.encodePassword(password, null));
umsMember.setCreateTime(new Date());
umsMember.setStatus(1);