1. 스프링 시큐리티 에서 암호화객체의 종류는?
BCryptPasswordEncoderArgon2PasswordEncoderPbkdf2PasswordEncoderSCryptPasswordEncoder
2. 암호화 hash 방식이란?
- encrypt but not able to decrypt
3. 아래를 트라이 해보시오
- 아래의 패스워드 모듈을 프로젝트에 적용한후 - 로그인시 아이디는 emp ename 을 넣고 패스워드는 사원번호를 넣어 로그인이 되도록 해보시오.package edu.sejong.ex.security; import org.springframework.security.crypto.password.PasswordEncoder; import lombok.extern.log4j.Log4j; @Sl4j public class CustomNoOpPasswordEncoder implements PasswordEncoder { @Override public String encode(CharSequence rawPassword) { log.warn("before encode: " + rawPassword); return rawPassword.toString(); } @Override public boolean matches(CharSequence rawPassword, String encodedPassword) { log.warn("matches: " + rawPassword + " : " + encodedPassword); return rawPassword.toString().equals(encodedPassword); } }<!-- code1 --> <select id="getUser" resultType="edu.sejong.ex.vo.UserAuthorityVO"> <![CDATA[ select emp.*, emp.ename as username, emp.empno as password, fakeauthorities.* from emp, fakeauthorities where emp.ename = #{username} ]]> </select>//code2 create table fakeauthorities( authority varchar2(50) not null ); insert into fakeauthorities values ( 'ROLE_USER' ); commit;//code3 @Bean public PasswordEncoder passwordEncoder() { // return new BCryptPasswordEncoder(); return new CustomNoOpPasswordEncoder(); }
Brave but clumsy