All geek questions in one place

Error implementing Jasypt with Hibernate 3 and Struts 2

I am trying to encrypt passwords in webapp using Jasypt with hibernate 3. I followed the instructions on the jasypt website .

Here is my hibernation mapping:

<hibernate-mapping package="webapp.entity"> <typedef name="encrypted" class="org.jasypt.hibernate.type.EncryptedStringType"> <param name="encryptorRegisteredName">strongHibernateStringEncryptor</param> </typedef> <class name="User" table="Users"> <id name="name" column="name" type="string"> </id> <property name="passwd" column="passwd" type="encrypted" not-null="true"> </property> </class> </hibernate-mapping>

Now I register the cipher every time I open a hibernation session:

 public void initHibSession() { HibernateUtil.buildSessionFactory(); hib_session = HibernateUtil.getSessionFactory().getCurrentSession(); if (hib_session != null && hib_session.isOpen()) { hib_session.close(); hib_session = HibernateUtil.getSessionFactory().openSession(); } hib_session.beginTransaction(); StandardPBEStringEncryptor strongEncryptor = new StandardPBEStringEncryptor(); strongEncryptor.setPassword("aStrongPassword"); HibernatePBEEncryptorRegistry registry = HibernatePBEEncryptorRegistry.getInstance(); registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor); }

Then, every time I try to access the user, this exception is thrown:

 FreeMarker template error! Method public java.lang.String org.apache.commons.lang.exception.NestableRuntimeException.getMessage(int) threw an exception when invoked on org.jasypt.exceptions.EncryptionInitializationException: No string encryptor registered for hibernate with name "strongHibernateEncryptor" The problematic instruction: ---------- ==&gt; ${msgs[0][0]} [on line 76, column 25 in org/apache/struts2/dispatcher/error.ftl] ---------- Java backtrace for programmers: ---------- freemarker.template.TemplateModelException: Method public java.lang.String org.apache.commons.lang.exception.NestableRuntimeException.getMessage(int) threw an exception when invoked on org.jasypt.exceptions.EncryptionInitializationException: No string encryptor registered for hibernate with name "strongHibernateEncryptor" at freemarker.ext.beans.SimpleMethodModel.exec(SimpleMethodModel.java:130) at freemarker.ext.beans.SimpleMethodModel.get(SimpleMethodModel.java:138) at freemarker.core.DynamicKeyName.dealWithNumericalKey(DynamicKeyName.java:111) at freemarker.core.DynamicKeyName._getAsTemplateModel(DynamicKeyName.java:90) at freemarker.core.Expression.getAsTemplateModel(Expression.java:89) at freemarker.core.Expression.getStringValue(Expression.java:93) at freemarker.core.DollarVariable.accept(DollarVariable.java:76) at freemarker.core.Environment.visit(Environment.java:210) at freemarker.core.MixedContent.accept(MixedContent.java:92) at freemarker.core.Environment.visit(Environment.java:210) at freemarker.core.IfBlock.accept(IfBlock.java:82) at freemarker.core.Environment.visit(Environment.java:210) at freemarker.core.IfBlock.accept(IfBlock.java:82) at freemarker.core.Environment.visit(Environment.java:210) at freemarker.core.MixedContent.accept(MixedContent.java:92) at freemarker.core.Environment.visit(Environment.java:210) at freemarker.core.Environment.process(Environment.java:190) at freemarker.template.Template.process(Template.java:237) at org.apache.struts2.dispatcher.Dispatcher.sendError(Dispatcher.java:748) at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:505) at org.apache.struts2.dispatcher.ng.ExecuteOperations.executeAction(ExecuteOperations.java:77) at org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:91) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) at java.lang.Thread.run(Thread.java:636) Caused by: java.lang.NullPointerException at freemarker.ext.beans.SimpleMemberModel.unwrapArguments(SimpleMemberModel.java:85) at freemarker.ext.beans.SimpleMethodModel.exec(SimpleMethodModel.java:106) ... 33 more

Does anyone have an idea to implement jasypt with Hibernate 3 and Struts 2 or can help me with this error? (I have to use jasypt)

0
source share
2 answers

This is normal, the problem was the encrypted registered name in the mapping:

 <param name="encryptorRegisteredName">strongHibernateEncryptor</param>

When I registered it, I add "String" to the name:

 registry.registerPBEStringEncryptor("strongHibernateStringEncryptor", strongEncryptor);

You must also set a password:

 strongEncryptor.setPassword("aStrongPassword");

Now there are no more errors.

(I modify my code above to reflect the changes)

0
source

You should know that hibernate / jaspyt encryption is PBE based and reversible, which means that it is encrypted only in the database and not in the application.

For passwords, in particular, it is better to use digest-based encryption, which is not reversible. StrongPasswordEncryptor really what you should use in the above case.

0
source

Source: https://habr.com/ru/post/1500725/

More articles: