spring security 使用MD5 hash 認證

URL Link //n.sfs.tw/16295

2024-01-03 14:47:40 By igogo

 

spring security 預設使用BCrypt , 但是舊的系統使用md5 hash,

 

 

 @Bean
    PasswordEncoder passwordEncoder() {
        PasswordEncoder defaults = PasswordEncoderFactories.createDelegatingPasswordEncoder();
        Map<String, PasswordEncoder> encoderMap = new HashMap<>();
        encoderMap.put("MD5", new MessageDigestPasswordEncoder("MD5"));
        DelegatingPasswordEncoder delegatingPasswordEncoder = new DelegatingPasswordEncoder("MD5", encoderMap);
        delegatingPasswordEncoder.setDefaultPasswordEncoderForMatches(defaults);
        return delegatingPasswordEncoder;
    }

 

 

String rawPassword = "123456";
String oldMd5Passwd = String.format("{MD5}%s","e10adc3949ba59abbe56e057f20f883e");

String newMd5Passwd = passwordEncoder.encode(rawPassword);

logger.info(String.valueOf(passwordEncoder.matches(rawPassword,oldMd5Passwd)));

 

原資料庫裡經md5的密碼欄位要加上{MD5}

以密碼123456為例,  要存成  "{MD5}e10adc3949ba59abbe56e057f20f883e"

記得要存成小寫, 這裡卡關很久

 

 

https://emn178.github.io/online-tools/md5.html

https://www.cnblogs.com/cycheng/p/13984640.html