Hi! Since Spring Boot 2.x there have been a few changes in Spring Security, so I will show you how to encode passwords in Spring Boot 2 (which comes with the new Spring Security 5).
Most important change: DelegatingPasswordEncoder is the new default password encoder (it does not tie you to a specific encoder implementation, such as BCryptPasswordEncoder).
NoOpPasswordEncoder is now considered deprecated.
- How to create a password encoder bean:

    @Bean
    public PasswordEncoder passwordEncoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }

- How to encode a password (the BCrypt implementation will be used underneath):

    String encodedPassword = passwordEncoder.encode(rawPassword);

- What the encoded password looks like:

    {bcrypt}$2a$10$GJpYuiP0cDOcE.WRlctpHOC1ROz35m9jCJ5BXFoMgnzkUjsxc6yHS

Here '{bcrypt}' identifies which encoder was used for encoding.

- How to check whether a raw password matches the encoded one:

    if (!passwordEncoder.matches(rawPassword, encodedPassword)) {
        throw new BadCredentialsException("Bad password");
    }

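The `{id}` prefix also matters when a database already holds BCrypt hashes written before the upgrade, because those have no prefix. The class below is an added example, not code from the original post: it accepts such legacy hashes and re-encodes them into the prefixed format at the next successful login. The class and method names are hypothetical, and `upgradeEncoding` assumes Spring Security 5.1 or later.

```java
import java.util.HashMap;
import java.util.Map;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

public class LegacyHashMigrationExample { // hypothetical class name

    // Encodes new passwords as "{bcrypt}..." and still accepts un-prefixed legacy BCrypt hashes.
    static PasswordEncoder buildEncoder() {
        Map<String, PasswordEncoder> encoders = new HashMap<>();
        encoders.put("bcrypt", new BCryptPasswordEncoder());
        DelegatingPasswordEncoder delegating = new DelegatingPasswordEncoder("bcrypt", encoders);
        // Without a default, matches() on a hash with no {id} prefix throws IllegalArgumentException.
        delegating.setDefaultPasswordEncoderForMatches(new BCryptPasswordEncoder());
        return delegating;
    }

    // Checks the password, then returns the hash that should be stored from now on.
    static String verifyAndUpgrade(PasswordEncoder encoder, String rawPassword, String storedHash) {
        if (!encoder.matches(rawPassword, storedHash)) {
            throw new BadCredentialsException("Bad password");
        }
        // True when the stored hash lacks the current {id} prefix or uses a lower BCrypt strength.
        return encoder.upgradeEncoding(storedHash) ? encoder.encode(rawPassword) : storedHash;
    }

    public static void main(String[] args) {
        PasswordEncoder encoder = buildEncoder();
        String raw = "constructed-sample-password"; // constructed sample input
        String legacyHash = new BCryptPasswordEncoder().encode(raw); // pre-upgrade format, no prefix
        String currentHash = encoder.encode(raw);

        String afterLegacyLogin = verifyAndUpgrade(encoder, raw, legacyHash);
        String afterCurrentLogin = verifyAndUpgrade(encoder, raw, currentHash);

        System.out.println("legacy hash prefixed:   " + legacyHash.startsWith("{bcrypt}"));
        System.out.println("upgraded hash prefixed: " + afterLegacyLogin.startsWith("{bcrypt}"));
        System.out.println("current hash unchanged: " + afterCurrentLogin.equals(currentHash));
        try {
            verifyAndUpgrade(encoder, "wrong-password", afterLegacyLogin);
        } catch (BadCredentialsException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

In an application, the value returned by `verifyAndUpgrade` would be written back to the user record only when it differs from the stored hash.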
Top comments (1)
Hi Vadym. Nice article, thanks! Short, but clear about why to use DelegatingPasswordEncoder and how to use it.