Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-10-23 10:48:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Polish User#withDefaultPasswordEncoder

Browse Source 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
This commit is contained in:
Tran Ngoc Nhan 2025-08-02 16:11:40 +07:00 committed by Josh Cummings
parent f61a8deccc
commit 371bee685f
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/modules/ROOT/pages/servlet/authentication/passwords/index.adoc
View File

@ -34,8 +34,6 @@ public class SecurityConfig {
@Bean @Bean
public UserDetailsService userDetailsService() { public UserDetailsService userDetailsService() {
// User.withDefaultPasswordEncoder() is considered unsafe for production
// and is only intended for sample applications.
UserDetails userDetails = User.withDefaultPasswordEncoder() UserDetails userDetails = User.withDefaultPasswordEncoder()
.username("user") .username("user")
.password("password") .password("password")
@ -103,6 +101,9 @@ class SecurityConfig {
---- ----
===== =====
[WARNING]
`User#withDefaultPasswordEncoder` is considered unsafe for production and is only intended for sample applications. See javadoc:org.springframework.security.core.userdetails.User#withDefaultPasswordEncoder()[User#withDefaultPasswordEncoder] for more details.
The preceding configuration automatically registers an xref:servlet/authentication/passwords/in-memory.adoc[in-memory `UserDetailsService`] with the `SecurityFilterChain`, registers the xref:servlet/authentication/passwords/dao-authentication-provider.adoc[`DaoAuthenticationProvider`] with the default xref:servlet/authentication/architecture.adoc#servlet-authentication-authenticationmanager[`AuthenticationManager`], and enables xref:servlet/authentication/passwords/form.adoc[Form Login] and xref:servlet/authentication/passwords/basic.adoc[HTTP Basic] authentication. The preceding configuration automatically registers an xref:servlet/authentication/passwords/in-memory.adoc[in-memory `UserDetailsService`] with the `SecurityFilterChain`, registers the xref:servlet/authentication/passwords/dao-authentication-provider.adoc[`DaoAuthenticationProvider`] with the default xref:servlet/authentication/architecture.adoc#servlet-authentication-authenticationmanager[`AuthenticationManager`], and enables xref:servlet/authentication/passwords/form.adoc[Form Login] and xref:servlet/authentication/passwords/basic.adoc[HTTP Basic] authentication.
To learn more about username/password authentication, consider the following use cases: To learn more about username/password authentication, consider the following use cases: