[IT] Spring Security, PasswordEncoder

Spring Security 3.1

참고 : http://zgundam.tistory.com/54

Interface 

org.springframework.security.crypto.password.PasswordEncoder

비밀번호 등 암호화 기능 제공. 내부적으로 salt를 랜덤하게 생성하여 적용함.

Class

org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder : 테스트 용도로, 실제로 암호화 기능을 수행하지 않고 입력받은 암호화 할 문자를 그대로 return함.

org.springframework.security.crypto.password.NoOpPasswordEncoder : bcrypt 해시 알고리즘 사용

org.springframework.security.crypto.password.StandardPasswordEncoder : sha 해시 알고리즘 사용(기본값:sha-256)

Method

String encode(CharSequence rawPassword); : 입력 문자열을 암호화하여 return

boolean matches(CharSequence rawPassword, String encodedPassword); : 입력한 문자열과 암호화된 문자열 비고

설정

<authentication-manager>

<authentication-provider user-service-ref="custom.JdbcDaoImpl">

<password-encoder hash="bcrypt" />

</authentication-provider>

</authentication-manager>

혹은

<beans:bean id="bcryptPasswordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" />

<authentication-manager>

<authentication-provider user-service-ref="custom.JdbcDaoImpl">

<password-encoder ref="bcryptPasswordEncoder" />

</authentication-provider>

</authentication-manager>

Controller

//injection

@Autowired

BCryptPasswordEncoder passwordEncoder;

@RequestMapping(value="passwordEncoder", method={RequestMethod.GET, RequestMethod.POST})

public String passwordEncoder(@RequestParam(value="targetStr", required=false, defaultValue="") String targetStr, Model model){

if(StringUtils.hasText(targetStr)){

//encrypt

String bCryptString = passwordEncoder.encode(targetStr);

model.addAttribute("targetStr" targetStr);

model.addAttribute("bCryptString", bCryptString);

}

return "/common/showBCryptString";

}