|
@@ -45,6 +45,11 @@ public class MyAuthenticationProvider extends DaoAuthenticationProvider {
|
|
|
// }
|
|
// }
|
|
|
// 先检测存储密码的完整性
|
|
// 先检测存储密码的完整性
|
|
|
SysUser user = (SysUser) userDetails;
|
|
SysUser user = (SysUser) userDetails;
|
|
|
|
|
+
|
|
|
|
|
+ if ("1".equals(user.getPassword())){
|
|
|
|
|
+ throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
String dbpwd = "";
|
|
String dbpwd = "";
|
|
|
try {
|
|
try {
|
|
|
dbpwd = SM2CryptUtils.decrypt(user.getPassword(), SecretKeyConstants.SERVER_PRIVATE_KEY);
|
|
dbpwd = SM2CryptUtils.decrypt(user.getPassword(), SecretKeyConstants.SERVER_PRIVATE_KEY);
|
xusl