似乎沒有要與Jasypt做一個Hibernate的具體方式,但你可以設置在春季密碼加密:
<!--
Set up string digester here so we can configure it for more pools if it's a problem...
-->
<bean id="stringDigester" class="org.jasypt.digest.PooledStringDigester">
<!-- same settings as StrongPasswordGenerator -->
<property name="poolSize" value="2"/>
<property name="algorithm" value="SHA-256"/>
<property name="iterations" value="100000"/>
<property name="saltGenerator">
<bean class="org.jasypt.salt.RandomSaltGenerator"/>
</property>
<property name="saltSizeBytes" value="16"/>
</bean>
<!-- ...and then we only have to deal with the passwordEncryptor interface in code. -->
<bean id="passwordEncryptor" class="com.myproject.util.StringPasswordEncryptor">
<property name="stringDigester" ref="stringDigester"/>
</bean>
之後,你叫context.getBean(「passwordEncryptor 「)獲取加密器,然後調用encryptPassword()或checkPassword()。
我一直保存在密碼的哈希而不是實際的密碼。這樣你仍然可以驗證它,但你沒有任何存儲它的責任。 – Jesse 2009-07-02 15:45:31
沒錯,這正是我想要做的 - 只是試圖找到一個庫,它可以幫助查詢ORM層的散列值。 – stevedbrown 2009-07-02 15:46:50