Announcement Announcement Module
Collapse
No announcement yet.
SHA password encoder with salt not working Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • SHA password encoder with salt not working

    I am stroring SHA encoded password in the database using ShaPasswordEncoder class as shown below:

    applicationContext.xml
    Code:
    	<bean
    		class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"
    		id="passwordEncoder" />

    java code to encrypt password and save into the db
    Code:
    	@Autowired
    	PasswordEncoder passwordEncoder;
    
            ...
    
    		String encodedPassword = passwordEncoder.encodePassword(
    				person.getPassword(), null);
    		person.setEncodedPassword(encodedPassword);
    
                    // save person object to db
                    ...
    now, using password-encoder tag of Spring Security 3.0, I am encrypting password entered by user and then comparing it with the encrypted password stored above.

    security-config.xml
    Code:
    	<authentication-manager>
    		<authentication-provider user-service-ref="customUserDetailsService">
    		<password-encoder hash="sha" />
    	</authentication-provider>
    The above scenario is working fine.

    But, when I am adding salt then its not working. Please find below the changes:

    changes in java code:
    Code:
    		String encodedPassword = passwordEncoder.encodePassword(
    				person.getPassword(), "name"); // where, name is property of Person class
    changes in security-config.xml
    Code:
    	<authentication-manager>
    		<authentication-provider user-service-ref="customUserDetailsService">
    		<password-encoder hash="sha">
    			<salt-source user-property="name" />
    		</password-encoder>
    	</authentication-provider>
Working...
X