From 99a440094d283f6f39bdb7b10d2ba35ad8efca42 Mon Sep 17 00:00:00 2001 From: eastargh Date: Fri, 26 Jun 2026 11:12:21 +0900 Subject: [PATCH] =?UTF-8?q?=EA=B4=80=EB=A6=AC=EC=9E=90=20=EB=A1=9C?= =?UTF-8?q?=EA=B7=B8=EC=9D=B8=20=EB=B9=84=EB=B0=80=EB=B2=88=ED=98=B8=20?= =?UTF-8?q?=EC=95=94=ED=98=B8=ED=99=94=20Damo=20=EB=8B=A8=EB=B0=A9?= =?UTF-8?q?=ED=96=A5=20=EC=A0=81=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../eactive/eai/rms/common/acl/user/UserManService.java | 3 ++- .../com/eactive/eai/rms/common/login/MainController.java | 9 +++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/src/main/java/com/eactive/eai/rms/common/acl/user/UserManService.java b/src/main/java/com/eactive/eai/rms/common/acl/user/UserManService.java index 86c6d6f..58d835a 100644 --- a/src/main/java/com/eactive/eai/rms/common/acl/user/UserManService.java +++ b/src/main/java/com/eactive/eai/rms/common/acl/user/UserManService.java @@ -33,6 +33,7 @@ import com.eactive.eai.rms.data.entity.man.role.Role; import com.eactive.eai.rms.data.entity.man.role.RoleService; import com.eactive.eai.rms.data.entity.onl.bzwkdstcd.UserBusinessService; import com.eactive.eai.rms.onl.common.exception.BizException; +import com.eactive.ext.djb.DamoManager; import lombok.RequiredArgsConstructor; @@ -140,7 +141,7 @@ public class UserManService extends BaseService { public void updatePassword(UserUI userUI) throws Exception { UserInfo userInfo = userInfoService.getById(userUI.getUserId()); - userInfo.setPassword(Seed.encrypt(userUI.getUserId())); + userInfo.setPassword(DamoManager.getInstance().hash(DamoManager.SHA256, userUI.getUserId())); userUIMapper.updateToEntity(userUI, userInfo); userInfoService.save(userInfo); } diff --git a/src/main/java/com/eactive/eai/rms/common/login/MainController.java b/src/main/java/com/eactive/eai/rms/common/login/MainController.java index d36fb90..af3239e 100644 --- a/src/main/java/com/eactive/eai/rms/common/login/MainController.java +++ b/src/main/java/com/eactive/eai/rms/common/login/MainController.java @@ -33,6 +33,7 @@ import org.springframework.web.servlet.View; import com.eactive.eai.common.seed.Seed; import com.eactive.eai.rms.ext.kjb.smsauth.SmsAuthService; +import com.eactive.ext.djb.DamoManager; import com.eactive.eai.data.converter.LocalDateTimeFormatters; import com.eactive.eai.rms.common.context.MonitoringContext; import com.eactive.eai.rms.common.datasource.DataSourceType; @@ -363,7 +364,7 @@ public class MainController implements InterceptorSkipController { String loginMode = System.getProperty("login.mode"); if("db".equals(loginMode) || "DB".equals(loginMode)) { /* 기존로직 - LDAP 사용 x */ - if (!userInfo.getPassword().equals(Seed.encrypt(dto.getPassword()))) { + if (!userInfo.getPassword().equals(DamoManager.getInstance().hash(DamoManager.SHA256, dto.getPassword()))) { // password 다름. setLoginFailure(request, session, "login.loginfail1", "login.loginfail2"); @@ -799,9 +800,9 @@ public class MainController implements InterceptorSkipController { .getString("login.pwdmismatch4")); return REDIRECT_CHANGE_PASSWORD_URL; } - + // 3. 비밀번호 체크 - if (!userInfo.getPassword().equals(Seed.encrypt(resetPassword)) + if (!userInfo.getPassword().equals(DamoManager.getInstance().hash(DamoManager.SHA256,resetPassword)) || !userInfo.getUserid().equals(resetUserId)) { UserAccessLogger.log(request, LOG_CATEGORY_LOGIN, "F", localeMessage @@ -812,7 +813,7 @@ public class MainController implements InterceptorSkipController { } // 4. 비밀번호 변경 - userInfo.setPassword(Seed.encrypt(changePassword)); + userInfo.setPassword(DamoManager.getInstance().hash(DamoManager.SHA256,changePassword)); userInfoService.save(userInfo); UserAccessLogger.log(request, LOG_CATEGORY_LOGIN, "S", localeMessage