[ACCEPTED]-Spring Security Encrypt MD5-encryption
I realize this is a little late, but Spring 7 has built-in classes that make this a lot 6 easier.
@Test
public void testSpringEncoder() {
PasswordEncoder encoder = new Md5PasswordEncoder();
String hashedPass = encoder.encodePassword("koala", null);
assertEquals("a564de63c2d0da68cf47586ee05984d7", hashedPass);
}
This is a unit test that I wrote 5 using the built in Spring Security code, it 4 is a lot smaller than the MessageDigest 3 code and since you are using Spring Security 2 already, you should have the classes in 1 your classpath already.
How are you creating your MD5 hashes? Something 2 like the following works well in Java:
MessageDigest messageDigest = MessageDigest.getInstance("MD5");
messageDigest.update(user.getPassword().getBytes(),0, user.getPassword().length());
String hashedPass = new BigInteger(1,messageDigest.digest()).toString(16);
if (hashedPass.length() < 32) {
hashedPass = "0" + hashedPass;
}
When 1 you encode "koala" do you get "a564de63c2d0da68cf47586ee05984d7"?
Have you read 6.3.3 Hashing and Authentication section from Spring Security 3 reference manual? It mentioned some possible 2 issues that you might encounter in using 1 password hashing.
Some possibilities it listed:
- Database password hash might be in Base64, while the result from MD5PasswordEncoder is in hexadecimal strings
- Your password hash might be in upper-case, while the result from the encoder is in lower case strings
More Related questions
We use cookies to improve the performance of the site. By staying on our site, you agree to the terms of use of cookies.