此行有多个标记 - NoOpPasswordEncoder 类型已弃用 - NoOpPasswordEncoder 类型的方法 getInstance() 已弃用
Multiple markers at this line - The type NoOpPasswordEncoder is deprecated - The method getInstance() from the type NoOpPasswordEncoder is deprecated
我正在研究 Spring Cloud + Boot 示例。在此示例中,我希望进行 SSO。当我 运行 这个应用程序时,我得到了很好的响应,但看起来像
Multiple markers at this line
- The type NoOpPasswordEncoder is deprecated
- The method getInstance() from the type NoOpPasswordEncoder is
deprecated
application.properties
server.port: 9000
server.servlet.context-path: /services
security.oauth2.client.clientId: pluralsight
security.oauth2.client.clientSecret: pluralsightsecret
security.oauth2.client.authorized-grant-types: authorization_code,refresh_token,password,client_credentials
security.oauth2.client.scope:toll_read,toll_report
ServiceConfig.java
@Configuration
public class ServiceConfig extends GlobalAuthenticationConfigurerAdapter {
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.passwordEncoder(NoOpPasswordEncoder.getInstance())
.withUser("agoldberg").password("pass1").roles("USER")
.and()
.withUser("bgoldberg").password("pass2").roles("USER", "OPERATOR");
}
}
主要方法:
@SpringBootApplication
@EnableAuthorizationServer
public class PluralsightSpringcloudM4SecureauthserverApplication {
public static void main(String[] args) {
SpringApplication.run(PluralsightSpringcloudM4SecureauthserverApplication.class, args);
}
}
但是STS,显示错误。已弃用方法的替代方法是什么?
输出:
您不应使用此密码编码器,因为它不安全。来自 official docs:
This PasswordEncoder is not secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades.
我能够使用以下代码解决此问题。我正在使用 Spring 引导版本 2.0.4.RELEASE。完成!
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configuration.GlobalAuthenticationConfigurerAdapter;
@Configuration
public class ServiceConfig extends GlobalAuthenticationConfigurerAdapter {
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("agoldberg").password("{noop}pass1").roles("USER")
.and()
.withUser("bgoldberg").password("{noop}pass2").roles("USER", "OPERATOR");
}
}
不要使用 NoOpPasswordEncoder。它什么都不做。请改用:Pbkdf2PasswordEncoder、SCryptPasswordEncoder 或 BCryptPasswordEncoder。我通常使用 BCryptPasswordEncoder.
作为 bean 启动:
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
我正在研究 Spring Cloud + Boot 示例。在此示例中,我希望进行 SSO。当我 运行 这个应用程序时,我得到了很好的响应,但看起来像
Multiple markers at this line - The type NoOpPasswordEncoder is deprecated - The method getInstance() from the type NoOpPasswordEncoder is deprecated
application.properties
server.port: 9000
server.servlet.context-path: /services
security.oauth2.client.clientId: pluralsight
security.oauth2.client.clientSecret: pluralsightsecret
security.oauth2.client.authorized-grant-types: authorization_code,refresh_token,password,client_credentials
security.oauth2.client.scope:toll_read,toll_report
ServiceConfig.java
@Configuration
public class ServiceConfig extends GlobalAuthenticationConfigurerAdapter {
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.passwordEncoder(NoOpPasswordEncoder.getInstance())
.withUser("agoldberg").password("pass1").roles("USER")
.and()
.withUser("bgoldberg").password("pass2").roles("USER", "OPERATOR");
}
}
主要方法:
@SpringBootApplication
@EnableAuthorizationServer
public class PluralsightSpringcloudM4SecureauthserverApplication {
public static void main(String[] args) {
SpringApplication.run(PluralsightSpringcloudM4SecureauthserverApplication.class, args);
}
}
但是STS,显示错误。已弃用方法的替代方法是什么?
输出:
您不应使用此密码编码器,因为它不安全。来自 official docs:
This PasswordEncoder is not secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades.
我能够使用以下代码解决此问题。我正在使用 Spring 引导版本 2.0.4.RELEASE。完成!
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configuration.GlobalAuthenticationConfigurerAdapter;
@Configuration
public class ServiceConfig extends GlobalAuthenticationConfigurerAdapter {
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("agoldberg").password("{noop}pass1").roles("USER")
.and()
.withUser("bgoldberg").password("{noop}pass2").roles("USER", "OPERATOR");
}
}
不要使用 NoOpPasswordEncoder。它什么都不做。请改用:Pbkdf2PasswordEncoder、SCryptPasswordEncoder 或 BCryptPasswordEncoder。我通常使用 BCryptPasswordEncoder.
作为 bean 启动:
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}