1.Shiro1.7.1默认密钥
public CookieRememberMeManager rememberMeManager(){
CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
cookieRememberMeManager.setCookie(rememberMeCookie());
cookieRememberMeManager.setCipherKey(Base64.decode("fCq+/xW488hMTCD+cmJ3aQ=="));
return cookieRememberMeManager;
}
2.重新生成新的密钥
public static void main(String[] args) throws Exception {
KeyGenerator keygen = KeyGenerator.getInstance("AES");
SecretKey deskey = keygen.generateKey();
System.out.println(Base64.encodeToString(deskey.getEncoded()));
}
用新生成的密钥替换原来的密钥即可。
3.或者直接换成动态密钥
public CookieRememberMeManager rememberMeManager()
{
CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
cookieRememberMeManager.setCookie(rememberMeCookie());
cookieRememberMeManager.setCipherKey(Base64.decode(generateNewKey()));
return cookieRememberMeManager;
}
public static String generateNewKey() {
try {
KeyGenerator keygen = KeyGenerator.getInstance("AES");
SecretKey deskey = keygen.generateKey();
return Base64.encodeToString(deskey.getEncoded());
}catch (Exception e){
e.printStackTrace();
return "7Iqlf6Ql/A4h7Umjw+254w==";
}
}
本文转载自: https://blog.csdn.net/UD_World/article/details/126718066
版权归原作者 没有什么是不变的 所有, 如有侵权,请联系我们删除。
版权归原作者 没有什么是不变的 所有, 如有侵权,请联系我们删除。