Home > Mobile >  Spring Security: explicit credentials doesnt log me in, says bad credentials
Spring Security: explicit credentials doesnt log me in, says bad credentials

Time:09-30

This is my Spring Security config class

@EnableWebSecurity 
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 
    private PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
 
     @Override
     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
         auth.inMemoryAuthentication()
                 .withUser("john.doe")
                 .password(passwordEncoder().encode("secret"))
                 .roles("USER");
     }
 
     @Bean
     public PasswordEncoder passwordEncoder() {
         return passwordEncoder;
     } 
}

This is the login page

enter image description here

When I login using "john.doe" and "secret" as specified in the source code, it returns "BAD CREDENTIALS". What is the reason?

CodePudding user response:

You don't use the encoding correctly. You basically set the encoded word secret as the password which is usually something like $2a$12$..... depending on the currently used salt. Pass the password directly:

auth.inMemoryAuthentication()
    .withUser("john.doe")
    .password("secret")
    .roles("USER");

CodePudding user response:

It is possible that @Configuration is not added and @Bean is not injected into the Spring container

Page link:https//www.codepudding.com/Mobile/133147.html

Prev:How does Spring (Boot) work with Pageable in controllers method argument?
Next:Spring Boot security application is not reading in memory authentication
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding