今天在學(xué)習(xí)Spring Security時(shí),登錄的時(shí)候遇見如下錯(cuò)誤:
java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null"
原因是因?yàn)樵赟pring Security 版本 5.0之后,官方新增加了加密方式,并把原有的spring security的密碼存儲(chǔ)格式改了蚯姆。
解決方法:
在 Spring Security的配置類中增加如下代碼:
private PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
/**
* 將認(rèn)證信息存儲(chǔ)到內(nèi)存中
*
* @param auth
* @throws Exception
*/
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.passwordEncoder(passwordEncoder())
.withUser("admin")
.password(passwordEncoder().encode("123456"))
.roles("ADMIN");
}
補(bǔ)充一句:
新的密碼存儲(chǔ)格式為:加密方式和加密后的密碼
{id}encodedPassword
具體存儲(chǔ)方式可以查看 PasswordEncoderFactories 類
public static PasswordEncoder createDelegatingPasswordEncoder() {
String encodingId = "bcrypt";
Map<String, PasswordEncoder> encoders = new HashMap();
encoders.put(encodingId, new BCryptPasswordEncoder());
encoders.put("ldap", new LdapShaPasswordEncoder());
encoders.put("MD4", new Md4PasswordEncoder());
encoders.put("MD5", new MessageDigestPasswordEncoder("MD5"));
encoders.put("noop", NoOpPasswordEncoder.getInstance());
encoders.put("pbkdf2", new Pbkdf2PasswordEncoder());
encoders.put("scrypt", new SCryptPasswordEncoder());
encoders.put("SHA-1", new MessageDigestPasswordEncoder("SHA-1"));
encoders.put("SHA-256", new MessageDigestPasswordEncoder("SHA-256"));
encoders.put("sha256", new StandardPasswordEncoder());
return new DelegatingPasswordEncoder(encodingId, encoders);
}
private PasswordEncoderFactories() {
}
之前的默認(rèn)配置已經(jīng)被廢棄了,不推薦使用!
@Bean
PasswordEncoder passwordEncoder(){
return NoOpPasswordEncoder.getInstance();
}