spring - 尝试登录时获取“org.jasypt.exceptions.EncryptionOperationNotPossibleException”

Question

我正在使用 Jasypt 1.9.0、Spring 3.1.1.RELEASE 和 Maven 3.0.3。当我在登录页面输入用户名和密码并提交时，我收到以下错误...</p>

org.jasypt.exceptions.EncryptionOperationNotPossibleException
    org.jasypt.digest.StandardByteDigester.matches(StandardByteDigester.java:1107)
    org.jasypt.digest.StandardStringDigester.matches(StandardStringDigester.java:1052)
    org.jasypt.util.password.ConfigurablePasswordEncryptor.checkPassword(ConfigurablePasswordEncryptor.java:252)
    org.jasypt.spring.security3.PasswordEncoder.isPasswordValid(PasswordEncoder.java:207)
    org.springframework.security.authentication.dao.DaoAuthenticationProvider.additionalAuthenticationChecks(DaoAuthenticationProvider.java:64)
    org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:149)
    org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)
    org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94)
    org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:194)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
    org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:184)
    org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:155)
    org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
    org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)

这是我设置的 Spring 安全性

<beans:bean id="bcProvider" class="org.bouncycastle.jce.provider.BouncyCastleProvider" />

<beans:bean id="jasyptPasswordEncryptor" class="org.jasypt.util.password.ConfigurablePasswordEncryptor">
    <beans:property name="algorithm">
        <beans:value>SHA-256</beans:value>
    </beans:property>
    <beans:property name="provider">
        <beans:ref bean="bcProvider" />
    </beans:property>
</beans:bean>

<!-- This Spring Security-friendly PasswordEncoder implementation will -->
<!-- wrap the PasswordEncryptor instance so that it can be used from -->
<!-- the security framework. -->
<beans:bean id="passwordEncoder" class="org.jasypt.spring.security3.PasswordEncoder">
    <beans:property name="passwordEncryptor">
        <beans:ref bean="jasyptPasswordEncryptor" />
    </beans:property>
</beans:bean>

<authentication-manager alias="authenticationManager"
    id="authenticationManager">
    <authentication-provider user-service-ref="sbdUserDetailsService">
        <password-encoder ref="passwordEncoder" />
    </authentication-provider>
</authentication-manager>

Jasypt 文档不是很有帮助，我不知道还要检查什么。感谢这里的任何帮助。-

Answer 1

如果不对 Jasypt 库进行调试并找到潜在的异常，就可能故意无法从 Jasypt 库中找出错误的原因。我的猜测是您在后端存储中有一个未消化的密码（比较消化密码失败的最可能原因）。