Página Principal Explorar Ajuda
Registe-se Iniciar Sessão
github
/
spring-security
mirror de https://github.com/spring-projects/spring-security
2
0
Fork 0
Ficheiros Problemas 0 Wiki
Ver Fonte

Merge branch '5.8.x'

Joe Grandja há 3 anos atrás
pai
ed6a7f7730 ffbcaca24a
commit
716aa6df5c
2 ficheiros alterados com 20 adições e 12 exclusões
Visão Dividida Mostrar Estatísticas Diff
  1. 18 10
      docs/modules/ROOT/pages/features/authentication/password-storage.adoc
  2. 2 2
      docs/modules/ROOT/pages/features/integrations/cryptography.adoc

+ 18 - 10
docs/modules/ROOT/pages/features/authentication/password-storage.adoc
Ver Ficheiro 

@@ -93,8 +93,12 @@ String idForEncode = "bcrypt";
 
 Map encoders = new HashMap<>();
 
 encoders.put(idForEncode, new BCryptPasswordEncoder());
 
 encoders.put("noop", NoOpPasswordEncoder.getInstance());
 
-encoders.put("pbkdf2", new Pbkdf2PasswordEncoder());
 
-encoders.put("scrypt", new SCryptPasswordEncoder());
 
+encoders.put("pbkdf2", Pbkdf2PasswordEncoder.defaultsForSpringSecurity_v5_5());
 
+encoders.put("pbkdf2@SpringSecurity_v5_8", Pbkdf2PasswordEncoder.defaultsForSpringSecurity_v5_8());
 
+encoders.put("scrypt", SCryptPasswordEncoder.defaultsForSpringSecurity_v4_1());
 
+encoders.put("scrypt@SpringSecurity_v5_8", SCryptPasswordEncoder.defaultsForSpringSecurity_v5_8());
 
+encoders.put("argon2", Argon2PasswordEncoder.defaultsForSpringSecurity_v5_2());
 
+encoders.put("argon2@SpringSecurity_v5_8", Argon2PasswordEncoder.defaultsForSpringSecurity_v5_8());
 
 encoders.put("sha256", new StandardPasswordEncoder());
 
 
 PasswordEncoder passwordEncoder =
 
@@ -108,8 +112,12 @@ val idForEncode = "bcrypt"
 
 val encoders: MutableMap<String, PasswordEncoder> = mutableMapOf()
 
 encoders[idForEncode] = BCryptPasswordEncoder()
 
 encoders["noop"] = NoOpPasswordEncoder.getInstance()
 
-encoders["pbkdf2"] = Pbkdf2PasswordEncoder()
 
-encoders["scrypt"] = SCryptPasswordEncoder()
 
+encoders["pbkdf2"] = Pbkdf2PasswordEncoder.defaultsForSpringSecurity_v5_5()
 
+encoders["pbkdf2@SpringSecurity_v5_8"] = Pbkdf2PasswordEncoder.defaultsForSpringSecurity_v5_8()
 
+encoders["scrypt"] = SCryptPasswordEncoder.defaultsForSpringSecurity_v4_1()
 
+encoders["scrypt@SpringSecurity_v5_8"] = SCryptPasswordEncoder.defaultsForSpringSecurity_v5_8()
 
+encoders["argon2"] = Argon2PasswordEncoder.defaultsForSpringSecurity_v5_2()
 
+encoders["argon2@SpringSecurity_v5_8"] = Argon2PasswordEncoder.defaultsForSpringSecurity_v5_8()
 
 encoders["sha256"] = StandardPasswordEncoder()
 
 
 val passwordEncoder: PasswordEncoder = DelegatingPasswordEncoder(idForEncode, encoders)
 
@@ -367,7 +375,7 @@ The current implementation of the `Argon2PasswordEncoder` requires BouncyCastle.
 
 [source,java,role="primary"]
 
 ----
 
 // Create an encoder with all the defaults
 
-Argon2PasswordEncoder encoder = new Argon2PasswordEncoder();
 
+Argon2PasswordEncoder encoder = Argon2PasswordEncoder.defaultsForSpringSecurity_v5_8();
 
 String result = encoder.encode("myPassword");
 
 assertTrue(encoder.matches("myPassword", result));
 
 ----
 
@@ -376,7 +384,7 @@ assertTrue(encoder.matches("myPassword", result));
 
 [source,kotlin,role="secondary"]
 
 ----
 
 // Create an encoder with all the defaults
 
-val encoder = Argon2PasswordEncoder()
 
+val encoder = Argon2PasswordEncoder.defaultsForSpringSecurity_v5_8()
 
 val result: String = encoder.encode("myPassword")
 
 assertTrue(encoder.matches("myPassword", result))
 
 ----
 
@@ -396,7 +404,7 @@ This algorithm is a good choice when FIPS certification is required.
 
 [source,java,role="primary"]
 
 ----
 
 // Create an encoder with all the defaults
 
-Pbkdf2PasswordEncoder encoder = new Pbkdf2PasswordEncoder();
 
+Pbkdf2PasswordEncoder encoder = Pbkdf2PasswordEncoder.defaultsForSpringSecurity_v5_8();
 
 String result = encoder.encode("myPassword");
 
 assertTrue(encoder.matches("myPassword", result));
 
 ----
 
@@ -405,7 +413,7 @@ assertTrue(encoder.matches("myPassword", result));
 
 [source,kotlin,role="secondary"]
 
 ----
 
 // Create an encoder with all the defaults
 
-val encoder = Pbkdf2PasswordEncoder()
 
+val encoder = Pbkdf2PasswordEncoder.defaultsForSpringSecurity_v5_8()
 
 val result: String = encoder.encode("myPassword")
 
 assertTrue(encoder.matches("myPassword", result))
 
 ----
 
@@ -424,7 +432,7 @@ Like other adaptive one-way functions, it should be tuned to take about 1 second
 
 [source,java,role="primary"]
 
 ----
 
 // Create an encoder with all the defaults
 
-SCryptPasswordEncoder encoder = new SCryptPasswordEncoder();
 
+SCryptPasswordEncoder encoder = SCryptPasswordEncoder.defaultsForSpringSecurity_v5_8();
 
 String result = encoder.encode("myPassword");
 
 assertTrue(encoder.matches("myPassword", result));
 
 ----
 
@@ -433,7 +441,7 @@ assertTrue(encoder.matches("myPassword", result));
 
 [source,kotlin,role="secondary"]
 
 ----
 
 // Create an encoder with all the defaults
 
-val encoder = SCryptPasswordEncoder()
 
+val encoder = SCryptPasswordEncoder.defaultsForSpringSecurity_v5_8()
 
 val result: String = encoder.encode("myPassword")
 
 assertTrue(encoder.matches("myPassword", result))
 
 ----

+ 2 - 2
docs/modules/ROOT/pages/features/integrations/cryptography.adoc
Ver Ficheiro 

@@ -235,7 +235,7 @@ The following system uses the `Pbkdf2PasswordEncoder`:
 
 [source,java,role="primary"]
 
 ----
 
 // Create an encoder with all the defaults
 
-Pbkdf2PasswordEncoder encoder = new Pbkdf2PasswordEncoder();
 
+Pbkdf2PasswordEncoder encoder = Pbkdf2PasswordEncoder.defaultsForSpringSecurity_v5_8();
 
 String result = encoder.encode("myPassword");
 
 assertTrue(encoder.matches("myPassword", result));
 
 ----
 
@@ -244,7 +244,7 @@ assertTrue(encoder.matches("myPassword", result));
 
 [source,kotlin,role="secondary"]
 
 ----
 
 // Create an encoder with all the defaults
 
-val encoder = Pbkdf2PasswordEncoder()
 
+val encoder = Pbkdf2PasswordEncoder.defaultsForSpringSecurity_v5_8()
 
 val result: String = encoder.encode("myPassword")
 
 assertTrue(encoder.matches("myPassword", result))
 
 ----