解密liferay密码
目前正在玩liferay,我希望获得用户名和密码。
我可以获取用户名和加密密码,所以我需要解密密码 - 我想我可以这样做:
Company company;
try {
company = CompanyUtil.findByPrimaryKey(user.getCompanyId());
password = Encryptor.decrypt(company.getKeyObj(), password);
} catch (NoSuchCompanyException e) {
e.printStackTrace();
} catch (SystemException e) {
e.printStackTrace();
} catch (EncryptorException e) {
e.printStackTrace();
}
然而,这会返回一个加密异常:
com.liferay.util.EncryptorException: com.liferay.util.EncryptorException: javax.crypto.IllegalBlockSizeException: Input length must be multiple of 8 when decrypting with padded cipher
我也已经在liferay论坛上发布了,但希望这里有人也可以能够提供帮助 - 我目前正在尝试以挂钩形式执行此操作,Portlet 会是一个更好的主意吗?
非常感谢
Currently playing with liferay and i wish to get the username and password.
i can get the username and encrpyted password, so i need to decrypt the password - i thought i could do this with:
Company company;
try {
company = CompanyUtil.findByPrimaryKey(user.getCompanyId());
password = Encryptor.decrypt(company.getKeyObj(), password);
} catch (NoSuchCompanyException e) {
e.printStackTrace();
} catch (SystemException e) {
e.printStackTrace();
} catch (EncryptorException e) {
e.printStackTrace();
}
This however returns with an encryptorexception that is:
com.liferay.util.EncryptorException: com.liferay.util.EncryptorException: javax.crypto.IllegalBlockSizeException: Input length must be multiple of 8 when decrypting with padded cipher
I have posted on the liferay forums aswell, but was hoping someone here may also be able to help - i am currently trying to do this in hook form, would a portlet be a better idea?
Many Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
Liferay 对密码进行哈希处理,因此不存在“解密”密码的概念:这在技术上是不可能的。您可以暴力破解一些匹配的部分,但不仅仅是解密它。
请参阅Liferay 留言板中的一些更深入的讨论。 (这里复制/粘贴的内容太多)
如果您也在那里发布了您的问题,如果您的帖子为讨论增加了价值,请发布您到这篇文章(和/或副版本)的链接
Liferay is hashing passwords, so there's no concept "decrypting" the password: It's technically impossible. You can brute force some matching parts, but not just decrypt it.
See some deeper discussion in the Liferay message boards. (This is too much to copy/paste here)
If you've also posted your question there, please post a link from your to this post (and/or vice version) if your thread adds value to the discussion
我认为(或希望)Liferay 使用散列来加密密码。在这种情况下,您必须使用相同的方法对给定的密码进行加密,并对照保存的密码进行检查。
你解密密码的目的是什么?这决定了您将在哪个位置实现该钩子或 portlet。
I thought (or hoped) Liferay uses hashing to encrypt the passwords. In this case, you would have to encrypt the given password using the same method and check against the saved one.
What is your purpose of decrypting the password? This determines in which place you would implement this - hook or portlet.