使用 Fluent NHibernate 持久性测试工具和具有加密密码字段的对象
首先:我对 Fluent 和 NHibernate 完全陌生。
我有一个包含密码字段的用户对象。设置该字段时,该值会被加密。现在我尝试使用
new PersistenceSpecification<User>(session)
...
.CheckProperty(p => p.Password, "secret")
...
.VerifyTheMappings();
持久性检查器工具。我面临的问题是密码字段的处理。调试器告诉我,该工具多次调用密码字段设置器。第一次使用明文密码“secret”。接下来的加密版本最终会多次加密我的密码。
知道如何应对这个问题吗?
First of all: I am completely new to Fluent and NHibernate.
I have a User object that contains a password field. When setting that field the value gets encrypted. Now I try to use the
new PersistenceSpecification<User>(session)
...
.CheckProperty(p => p.Password, "secret")
...
.VerifyTheMappings();
persistence checker tool. The problem I am facing is the handling of the password field. The debugger told me that the tool calls the Password field setter multiple times. The first time with the cleartext password "secret". The following times with the encrypted versions ending up with encrypting my password multiple times.
Any idea how to cope with this?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
编辑:
NHibernate 必须在从数据库加载用户后设置用户密码,当您使用标准时,
它将使用该属性来设置数据库值,
然后防止这种情况发生
EDIT:
NHibernate has to set the password on the user after it loaded it from db and when you use the standard
it will use the property to set the db-value
prevents this then
解决此问题的一种方法是使用 setter 方法来设置密码,例如
,这样您的哈希/加密逻辑就与属性 setter 分开。在 PersistenceSpecification 测试中,您将测试加密文本的保存/获取。
如果您需要解密密码,请使用 getter 方法来获取解密的密码(
Password
属性将包含加密文本)。附带说明一下,除非您有充分的理由,否则对密码进行哈希处理比对其进行加密更好。
A way to solve this is to use a setter method to set your password, for example
This way your hash/encryption logic is separate from your property setter. In your PersistenceSpecification test you will then be testing the saving/getting of the encrypted text.
If you need to decrypt the password use a getter method to get the decrypted password (the
Password
property will contain the encrypted text).As a side note, unless you have a good reason it will be better to hash the password than encrypt it.