0

我正在尝试使用带有休眠 3 的 Jasypt 在 webapp 中加密密码。我按照jasypt 网站上的说明进行操作。

这是我的休眠映射:

<hibernate-mapping package="webapp.entity">

  <typedef name="encrypted" class="org.jasypt.hibernate.type.EncryptedStringType">
    <param name="encryptorRegisteredName">strongHibernateStringEncryptor</param>
  </typedef>

  <class name="User" table="Users">
    <id name="name"
      column="name"
      type="string">
    </id>

    <property name="passwd"
      column="passwd"
      type="encrypted"
      not-null="true">
    </property>

  </class>

</hibernate-mapping>

现在我每次使用 hibernate 打开会话时都会注册加密器:

public void initHibSession() {
    HibernateUtil.buildSessionFactory();
    hib_session = HibernateUtil.getSessionFactory().getCurrentSession();
    if (hib_session != null && hib_session.isOpen()) {
        hib_session.close();
        hib_session = HibernateUtil.getSessionFactory().openSession();
    }
    hib_session.beginTransaction();

    StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor();
    strongEncryptor.setPassword("aStrongPassword");
    HibernatePBEEncryptorRegistry registry = HibernatePBEEncryptorRegistry.getInstance();
    registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor);
}

然后,每次我尝试访问用户时,都会引发此异常:

FreeMarker template error!

Method public java.lang.String  org.apache.commons.lang.exception.NestableRuntimeException.getMessage(int) threw an       exception when invoked on org.jasypt.exceptions.EncryptionInitializationException: No string encryptor registered for hibernate with name "strongHibernateEncryptor"
The problematic instruction:
----------
==&gt; ${msgs[0][0]} [on line 76, column 25 in org/apache/struts2/dispatcher/error.ftl]
----------

Java backtrace for programmers:
----------
freemarker.template.TemplateModelException: Method public java.lang.String  org.apache.commons.lang.exception.NestableRuntimeException.getMessage(int) threw an exception when invoked on org.jasypt.exceptions.EncryptionInitializationException: No string encryptor registered for hibernate with name "strongHibernateEncryptor"
at freemarker.ext.beans.SimpleMethodModel.exec(SimpleMethodModel.java:130)
at freemarker.ext.beans.SimpleMethodModel.get(SimpleMethodModel.java:138)
at freemarker.core.DynamicKeyName.dealWithNumericalKey(DynamicKeyName.java:111)
at freemarker.core.DynamicKeyName._getAsTemplateModel(DynamicKeyName.java:90)
at freemarker.core.Expression.getAsTemplateModel(Expression.java:89)
at freemarker.core.Expression.getStringValue(Expression.java:93)
at freemarker.core.DollarVariable.accept(DollarVariable.java:76)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.MixedContent.accept(MixedContent.java:92)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.IfBlock.accept(IfBlock.java:82)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.IfBlock.accept(IfBlock.java:82)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.MixedContent.accept(MixedContent.java:92)
at freemarker.core.Environment.visit(Environment.java:210)
at freemarker.core.Environment.process(Environment.java:190)
at freemarker.template.Template.process(Template.java:237)
at org.apache.struts2.dispatcher.Dispatcher.sendError(Dispatcher.java:748)
at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:505)
at org.apache.struts2.dispatcher.ng.ExecuteOperations.executeAction(ExecuteOperations.java:77)
at org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:91)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:636)
Caused by: java.lang.NullPointerException
at     freemarker.ext.beans.SimpleMemberModel.unwrapArguments(SimpleMemberModel.java:85)
at freemarker.ext.beans.SimpleMethodModel.exec(SimpleMethodModel.java:106)
... 33 more

任何人都有使用 Hibernate 3 和 Struts 2 实现 jasypt 的想法,或者可以帮助我解决这个错误吗?(我必须使用 jasypt)

4

2 回答 2

0

您应该知道 hibernate / jaspyt 加密是基于 PBE 且可逆的,这意味着它只在数据库中加密,而不是在应用程序中。

特别是对于密码,最好使用不可逆的基于摘要的加密——StrongPasswordEncryptor在上述情况下,这确实是您应该使用的。

于 2011-03-31T16:46:43.640 回答
0

没关系,问题是映射中的加密器注册名称:

<param name="encryptorRegisteredName">strongHibernateEncryptor</param>

当我注册它时,我在名称中添加了“String”:

registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor);

也必须设置密码:

strongEncryptor.setPassword("aStrongPassword");

现在没有更多错误了。

(我在上面编辑我的代码以反映更改)

于 2010-07-20T17:30:09.947 回答