From 50c9942f0b142f32daa0d5485fef1ec07c73485d Mon Sep 17 00:00:00 2001 From: Anton Shuvaev Date: Sun, 13 Oct 2024 17:40:37 +0300 Subject: [PATCH] fix: #165 Set up DelegatingPasswordEncoder with NoOpPasswordEncoder (#166) --- .../security/BasicAuthenticationConfig.java | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/main/java/org/springframework/samples/petclinic/security/BasicAuthenticationConfig.java b/src/main/java/org/springframework/samples/petclinic/security/BasicAuthenticationConfig.java index ffd73283b..b91e1e48a 100644 --- a/src/main/java/org/springframework/samples/petclinic/security/BasicAuthenticationConfig.java +++ b/src/main/java/org/springframework/samples/petclinic/security/BasicAuthenticationConfig.java @@ -9,9 +9,13 @@ import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.crypto.password.DelegatingPasswordEncoder; +import org.springframework.security.crypto.password.NoOpPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.SecurityFilterChain; import javax.sql.DataSource; +import java.util.Map; @Configuration @EnableMethodSecurity(prePostEnabled = true) // Enable @PreAuthorize method-level security @@ -21,6 +25,14 @@ public class BasicAuthenticationConfig { @Autowired private DataSource dataSource; + @Bean + public PasswordEncoder passwordEncoder() { + var encoders = Map.of("noop", NoOpPasswordEncoder.getInstance()); + var passwordEncoder = new DelegatingPasswordEncoder("noop", encoders); + passwordEncoder.setDefaultPasswordEncoderForMatches(NoOpPasswordEncoder.getInstance()); + return passwordEncoder; + } + @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off