Spring Security BCryptPasswordEncoder 插入但不匹配 [英] Spring Security BCryptPasswordEncoder Inserted But Not Match

问题描述

我在 Spring MVC 上开发了一个小项目.该项目有帐户表，帐户有一个使用 BCryptPasswordEncoder 编码的密码.我使用了 java 配置而不是 XML 配置.

I have developed a small project on Spring MVC. The project has account table and account has an encoded password with BCryptPasswordEncoder. I have used java config instead of XML config.

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter 
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}

我获取用户信息并对密码进行编码.

I get user information and encode the password.

@Autowired
    private PasswordEncoder passwordEncoder;

    String pass=user.getPassword();
    user.setPassword(passwordEncoder.encode(pass));

最后，即使我使用 123 密码，它也会对其进行编码，

In the end, even if I user 123 a password it encoded it but,

boolean passstate=pe.matches(pass, user.getPassword());

返回错误

推荐答案

一个常见的错误，password"列(users表)的长度小于60，比如password VARCHAR(45)，还有一些数据库将自动截断数据.因此，您总是会收到警告编码的密码看起来不像 BCrypt".

A common mistake, the length of the "password" column (users table) is less than 60, for example, password VARCHAR(45), and some databases will truncate the data automatically. So, you always get the warning "Encoded password does not look like BCrypt".

要解决它，请确保密码"列的长度至少为 60.

To solve it, make sure the length of "password" column is at least 60.

更多详情请查看:https://www.mkyong.com/spring-security/spring-security-encoded-password-does-not-look-like-bcrypt/

这篇关于Spring Security BCryptPasswordEncoder 插入但不匹配的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！