Reputation: 1964
Spring-Security PasswordEncoder returns null
I have implemented Spring security on my struts2 application and it perfectly works, but it runs into error java.lang.NullPointerException on line 3.
Although it seems passwordEncoder configuration works as by adding those I cant login with a plain text password any more.
<authentication-manager>
<authentication-provider>
<password-encoder ref="passwordEncoder"/>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="
select username,password,enabled
from Users where username=?"
authorities-by-username-query="
select username,authority
from Users where username = ?"
/>
</authentication-provider>
</authentication-manager>
<beans:bean id="passwordEncoder"
xmlns="http://www.springframework.org/schema/beans"
class="org.springframework.security.authentication.encoding.ShaPasswordEncoder">
<constructor-arg value="256"/>
</beans:bean>
</beans:beans>
MyClass.java
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;;
....
private ShaPasswordEncoder passwordEncoder;
public ShaPasswordEncoder getPasswordEncoder() {
return passwordEncoder;
}
@Autowired
public void setPasswordEncoder(ShaPasswordEncoder passwordEncoder) {
this.passwordEncoder = passwordEncoder;
}
public void encode(String username)
{
1 System.err.println("encode password");
2 String encodedPassword = "";
3 encodedPassword = passwordEncoder.encodePassword("Jack",username);
4 System.err.println("encoded password " + encodedPassword);
}
pom.xml
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>3.1.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>3.1.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>3.1.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>3.1.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>3.1.1.RELEASE</version>
</dependency>
Upvotes: 2
Views: 6060
Answers (2)
Reputation: 2377
@Autowired will work only on Spring managed beans. So your MyClass should be a @Service or @Repository or @Component etc (or it may be simply configured in your XML as a <bean>)
Also, I don't understand your
I cant login with a plain text password any more.
The encoding of the user entered password and the comparison with the encoded password from the database is done by spring security internally. All it needs is a UserDetails object which will be provided by your jdbc-user-service.
Upvotes: 3
Reputation: 3497
Do you actually inject the encoder into Encode.java somehow somewhere? If not,then that is your problem.
if you need a quick and dirty solution which will probably work. just make it
private ShaPasswordEncoder passwordEncoder=new ShaPasswordEncoder(256);
and then find out what you are doing wrong with the injection.
maybe read this to see how injection should be done.
Upvotes: 3
Related Questions
- SpringSecurity : decode a password encoded with PasswordEncoder
- Password is not getting encoded in spring security
- Spring security - encoded password gives me Bad Credentials
- Spring Security AuthenticationManager set a PasswordEncoder
- Why can not I match the encoded password with spring security?
- Spring Security, Problem with PasswordEncoder
- Spring Security: Authentication returns null
- How to use new PasswordEncoder from Spring Security
- Using PasswordEncoder from Spring Security
- Java Spring Security PasswordEncoder