Encrypting InMemoryAuthentication passwords with Bcrypt

Question

Before I use Bcrypt on a custom implementation of UserDetailsService, I first want to see if I can use it in an in-memory database.

package com.patrick.Secu         


        

Answer 1

With Spring Security 5 you can prefix password with id of selected PasswordEncoder. If you want to use plain password, then simply use {noop} prefix, this will delegate password encoder to NoOpPasswordEncoder.

Example code:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
   auth.inMemoryAuthentication()
          .withUser("admin").password("{noop}password").roles("ADMIN");
}