用Hibernate 3和Struts 2实现Jasypt时出错

Question

我想用jasypt和hibernate 3来加密webapp中的密码。我按照jasypt website上的说明操作。

这里是我的Hibernate映射：

<hibernate-mapping package="webapp.entity"> 

    <typedef name="encrypted" class="org.jasypt.hibernate.type.EncryptedStringType"> 
    <param name="encryptorRegisteredName">strongHibernateStringEncryptor</param> 
    </typedef> 

    <class name="User" table="Users"> 
    <id name="name" 
     column="name" 
     type="string"> 
    </id> 

    <property name="passwd" 
     column="passwd" 
     type="encrypted" 
     not-null="true"> 
    </property> 

    </class> 

</hibernate-mapping> 

现在我每次我打开与Hibernate会话时间注册加密：

public void initHibSession() { 
    HibernateUtil.buildSessionFactory(); 
    hib_session = HibernateUtil.getSessionFactory().getCurrentSession(); 
    if (hib_session != null && hib_session.isOpen()) { 
     hib_session.close(); 
     hib_session = HibernateUtil.getSessionFactory().openSession(); 
    } 
    hib_session.beginTransaction(); 

    StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor(); 
    strongEncryptor.setPassword("aStrongPassword"); 
    HibernatePBEEncryptorRegistry registry = HibernatePBEEncryptorRegistry.getInstance(); 
    registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor); 
} 

然后，每次我试图访问用户，此异常抛出：

FreeMarker template error! 

Method public java.lang.String org.apache.commons.lang.exception.NestableRuntimeException.getMessage(int) threw an  exception when invoked on org.jasypt.exceptions.EncryptionInitializationException: No string encryptor registered for hibernate with name "strongHibernateEncryptor" 
The problematic instruction: 
---------- 
==> ${msgs[0][0]} [on line 76, column 25 in org/apache/struts2/dispatcher/error.ftl] 
---------- 

Java backtrace for programmers: 
---------- 
freemarker.template.TemplateModelException: Method public java.lang.String org.apache.commons.lang.exception.NestableRuntimeException.getMessage(int) threw an exception when invoked on org.jasypt.exceptions.EncryptionInitializationException: No string encryptor registered for hibernate with name "strongHibernateEncryptor" 
at freemarker.ext.beans.SimpleMethodModel.exec(SimpleMethodModel.java:130) 
at freemarker.ext.beans.SimpleMethodModel.get(SimpleMethodModel.java:138) 
at freemarker.core.DynamicKeyName.dealWithNumericalKey(DynamicKeyName.java:111) 
at freemarker.core.DynamicKeyName._getAsTemplateModel(DynamicKeyName.java:90) 
at freemarker.core.Expression.getAsTemplateModel(Expression.java:89) 
at freemarker.core.Expression.getStringValue(Expression.java:93) 
at freemarker.core.DollarVariable.accept(DollarVariable.java:76) 
at freemarker.core.Environment.visit(Environment.java:210) 
at freemarker.core.MixedContent.accept(MixedContent.java:92) 
at freemarker.core.Environment.visit(Environment.java:210) 
at freemarker.core.IfBlock.accept(IfBlock.java:82) 
at freemarker.core.Environment.visit(Environment.java:210) 
at freemarker.core.IfBlock.accept(IfBlock.java:82) 
at freemarker.core.Environment.visit(Environment.java:210) 
at freemarker.core.MixedContent.accept(MixedContent.java:92) 
at freemarker.core.Environment.visit(Environment.java:210) 
at freemarker.core.Environment.process(Environment.java:190) 
at freemarker.template.Template.process(Template.java:237) 
at org.apache.struts2.dispatcher.Dispatcher.sendError(Dispatcher.java:748) 
at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:505) 
at org.apache.struts2.dispatcher.ng.ExecuteOperations.executeAction(ExecuteOperations.java:77) 
at org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:91) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) 
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) 
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) 
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) 
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) 
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) 
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849) 
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) 
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) 
at java.lang.Thread.run(Thread.java:636) 
Caused by: java.lang.NullPointerException 
at  freemarker.ext.beans.SimpleMemberModel.unwrapArguments(SimpleMemberModel.java:85) 
at freemarker.ext.beans.SimpleMethodModel.exec(SimpleMethodModel.java:106) 
... 33 more 

任何人都有一个想法与Hibernate 3实现jasypt和d Struts 2还是可以帮我解决这个错误？ （我不得不使用jasypt）

Answer 1

这没关系，问题是在映射的加密注册名称：

<param name="encryptorRegisteredName">strongHibernateEncryptor</param> 

当我注册的，我的名字加上“字符串”：

registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor); 

必须设置密码太：

strongEncryptor.setPassword("aStrongPassword"); 

没有更多的错误了。

（编辑我上面的代码以反映更改）

Answer 2

你应该知道，休眠/ jaspyt加密是基于PBE和可逆的，也就是说，它的数据库中的唯一加密，而不是在应用程序。

尤其对于密码，最好使用不可逆的基于摘要的加密 - StrongPasswordEncryptor实际上是您在上述情况下应该使用的。