klenq's blog HomeArchivesTagsCategories
Spring Security 明文密码
|Guides

Springboot 中配置 Spring Security

配置PasswordEncode, 使其不适用任何加密方式直接从数据库中查找明文密码

正常我们在配置类@Configuration里面需要继承WebSecurityConfigurerAdapter类并重写configure(AuthenticationManagerBuilder auth)方法, 这里面的encoder 需要我们自己定义加密方式

1
2
3
4
5
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(userDetailService).passwordEncoder(encoder);

}

而如果在开发初期, 或者调试, 不想使用任何加密方式判断, 可以在PasswordEncoder里面配置

1
2
3
4
5
6
7
8
9
10
private PasswordEncoder encoder = new PasswordEncoder() {
    // 明文密码,直接与数据库中的密码判断
    @Override
    public String encode(CharSequence charSequence) {
        return charSequence.toString();
    }
    @Override
    public boolean matches(CharSequence charSequence, String s) {
        return s.equals(charSequence.toString());
    }

这样如果在配置安全框架前已有数据库密码是明文, 那就也依然可以使用原先密码登录项目, 之后再做修改.

Author: klenq
Link: https://klenq.github.io/2021/11/26/Spring Security 明文密码/
Copyright Notice: All articles in this blog are licensed under CC BY-NC-SA 4.0 unless stating additionally.
JavaSpring-framework