Takkun
Reputation: 6361
How to add custom password encoder to Spring Security?
I'm attempting to convert a web project to Spring. I have already incorporated Spring Security, however the old project used SHA-1 converted to a hex string to encrypt user passwords.
I was wondering how I can go about making a custom password encoder that will allow me to specify exactly how I want the password encrypted.
Upvotes: 1
Views: 4248
Answers (2)
Noushad
Reputation: 3030
You can directly use this. Constructor argument is strength of SHA Encoder
<beans:bean id="passwordEncoder"
class="org.springframework.security.authentication.encoding.ShaPasswordEncoder">
<beans:constructor-arg index="0" value="1" />
</beans:bean>
Upvotes: 3
Grzegorz Rożniecki
Reputation: 28005
Sure, you probably don't need a custom encoder, since it's quite easy using Security's namespace configuration <password-encoder>:
<password-encoder hash="sha" base64="true" />
Put this line into your security-context.xml and it'll use ShaPasswordEncoder with SHA-1 algorithm and BASE64 encoding enabled.
Upvotes: 2
Related Questions
- Spring Boot: How to specify the PasswordEncoder?
- Password Encoder in Spring boot Security
- Spring Security AuthenticationManager set a PasswordEncoder
- How do I configure password encoder over WS-Security with Spring-Boot?
- Password Encoder/Decoder in Spring Boot
- Reference a specific password-encoder in my security-config.xml
- How to use new PasswordEncoder from Spring Security
- Using PasswordEncoder from Spring Security
- Java Spring Security PasswordEncoder
- Use Spring Security's PasswordEncoder to create AES encrypted based password