We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
1.初始密码123456是通过什么逻辑变成数据库中的MD5加密字符串d3c59d25033dbf980d29554025c23a75的? 2.userInfo对象中的salt为什么是MD5加密字符串,它到底是用来做什么的啊? 3.通过getCredentialsSalt( )生成的盐是用来做什么的? 求解惑,谢谢谢谢谢谢。。。。
The text was updated successfully, but these errors were encountered:
调查了一下,加密逻辑代码大致如下,具体可以debug打断点: user.setSalt(randomNumberGenerator.nextBytes().toHex()); String newPassword = new SimpleHash( md5, user.getPassword(), ByteSource.Util.bytes(user.getCredentialsSalt()), 2).toHex(); 首先user对象中的salt一般都是动态生成的但它并不是真正用来加密的盐,而user.getCredentialsSalt()生成的用户名+salt生成的新盐才是真正的盐。 其次开始时user对象的password就是用户输入的明文密码123456,然后通过调用shiro中的SimpleHash方法进行加密。
user.setSalt(randomNumberGenerator.nextBytes().toHex());
String newPassword = new SimpleHash(
md5,
user.getPassword(),
ByteSource.Util.bytes(user.getCredentialsSalt()),
2).toHex();
Sorry, something went wrong.
No branches or pull requests
1.初始密码123456是通过什么逻辑变成数据库中的MD5加密字符串d3c59d25033dbf980d29554025c23a75的?
2.userInfo对象中的salt为什么是MD5加密字符串,它到底是用来做什么的啊?
3.通过getCredentialsSalt( )生成的盐是用来做什么的?
求解惑,谢谢谢谢谢谢。。。。
The text was updated successfully, but these errors were encountered: