使用BCryptPasswordEncoder管理密码

 

官方是推荐我们使用BCryptPasswordEncoder而PasswordEncoder 等已经被废弃了

 

1.看个简单的例子

    @Test
    public void testPass(){
        String pass = "hello";
        BCryptPasswordEncoder encode = new BCryptPasswordEncoder();
        String hashPass = encode.encode(pass);
        System.out.println(hashPass);
    }

 

结果

"C:\Program Files\Java\jdk1.7.0_17\bin\java" -ea -Didea.launcher.port=7533 "-Didea.launcher.bin.path=D:\ProgramFiles\IntelliJ IDEA 13.1.1\bin" -Dfile.encoding=UTF-8 -classpath "D:\ProgramFiles\IntelliJ IDEA 13.1.1\lib\idea_rt.jar;D:\ProgramFiles\IntelliJ IDEA -....

maven-3.2.5$L7zZLkcnBL84f0OI2./uPexa2N/UHRjminLvhFzkB2yvJO209BKim

Process finished with exit code 0

2.使用配置anno

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

	@Autowired
	DataSource dataSource;
	
	@Autowired
	public void configAuthentication(AuthenticationManagerBuilder auth) 
		throws Exception {
		
		auth.jdbcAuthentication().dataSource(dataSource)
			.passwordEncoder(passwordEncoder())
			.usersByUsernameQuery("sql...")
			.authoritiesByUsernameQuery("sql...");
	}	
	
	@Bean
	public PasswordEncoder passwordEncoder(){
		PasswordEncoder encoder = new BCryptPasswordEncoder();
		return encoder;
	}

我们在这里注册了一个PasswordEncoder,使用时主要在注册时进行加盐保存到数据库,登录时会自动识别密码