Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- from passlib.context import CryptContext
- # Encrypt the password
- default_crypt_context = CryptContext(['pbkdf2_sha512', 'md5_crypt'],deprecated=['md5_crypt'],)
- encrypted = default_crypt_context.encrypt('password')
- # Password verification can be done this way
- default_crypt_context.verify('password',encrypted)
- @Bean
- public Pbkdf2PasswordEncoder passwordEncoder() {
- Pbkdf2PasswordEncoder pbkdf2Sha512 = new Pbkdf2PasswordEncoder(secret, iterations, hashWidth);
- pbkdf2Sha512.setEncodeHashAsBase64(true);
- pbkdf2Sha512.setAlgorithm(SecretKeyFactoryAlgorithm.PBKDF2WithHmacSHA512);
- return pbkdf2Sha512;
- }
- @PostConstruct
- public void init() {
- try {
- // auth.inMemoryAuthentication().withUser("julius").password("{noop}secret").roles("USER").and().withUser("admin")
- // .password("{noop}admin").roles("USER", "ADMIN");
- auth.jdbcAuthentication().dataSource(dataSource).usersByUsernameQuery(
- "select login as username, password_crypt as password, active as enabled from res_users where login=?")
- .authoritiesByUsernameQuery("select ru.login as username, rg.name as authority "
- + "from res_groups_users_rel rgu, res_users ru, res_groups rg "
- + "where rg.id = rgu.gid and ru.id = rgu.uid and ru.login=?");
- // .passwordEncoder(new Pbkdf2PasswordEncoder());
- } catch (Exception e) {
- throw new BeanInitializationException("Security configuration failed", e);
- }
- }
- @Override
- public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
- throws AuthenticationException, IOException, ServletException {
- // Content-Type: application/x-www-form-urlencoded
- String username = request.getParameter("username");
- String password = request.getParameter("password");
- UsernamePasswordAuthenticationToken authenticationToken =
- new UsernamePasswordAuthenticationToken(username, password);
- Authentication authentication = this.authenticationManager.authenticate(authenticationToken);
- SecurityContextHolder.getContext().setAuthentication(authentication);
- return authentication;
- }
- $pbkdf2-sha512$25000$vpfyXqs1xhgDIMTY21vLuQ$DAKoL7puHkSZeQM0dF/caP6rbuhXSoIKAMue5a2jcCAf8.P62lJUKy9CDfjCyvXhLqfxUXukvp7LBrL8zZok8g
- ERROR o.s.b.w.s.support.ErrorPageFilter - Forwarding to error page from request [/api/authenticate] due to exception [Detected a Non-hex character at 1 or 2 position]
- java.lang.IllegalArgumentException: Detected a Non-hex character at 1 or 2 position
- at org.springframework.security.crypto.codec.Hex.decode(Hex.java:62)
- at org.springframework.security.crypto.password.Pbkdf2PasswordEncoder.decode(Pbkdf2PasswordEncoder.java:166)
- at org.springframework.security.crypto.password.Pbkdf2PasswordEncoder.matches(Pbkdf2PasswordEncoder.java:142)
- at org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration$LazyPasswordEncoder.matches(AuthenticationConfiguration.java:289)
- at org.springframework.security.authentication.dao.DaoAuthenticationProvider.additionalAuthenticationChecks(DaoAuthenticationProvider.java:86)
- at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:166)
- at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174)
Add Comment
Please, Sign In to add comment