在 spring 5 + 中,加密类型 SHA-512 已被弃用。在我的 API 项目中,我使用的是 spring 5+,我必须使用 SHA-512,因为数据库是旧类型的密码加密。我的编码器方法需要返回一个自定义类对象,该对象使用用户电子邮件作为盐编码为 SHA-512。我正在使用自定义用户表。知道如何处理这种情况吗?谢谢你们的帮助。我的春季安全课:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final CustomUserDetailsService customUserDetailsService;
@Autowired
public SecurityConfig(CustomUserDetailsService customUserDetailsService{this.customUserDetailsService=customUserDetailsService;}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/api/**").authenticated()
.and()
.httpBasic()
.and()
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
authProvider.setUserDetailsService(customUserDetailsService);
authProvider.setPasswordEncoder(encoder());
return authProvider;
}
@Bean
public DelegatingPasswordEncoder encoder() {//what i return here for SHA-512?;}
}