From the course: Extending, Securing, and Dockerizing Spring Boot Microservices
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Password encryption
From the course: Extending, Securing, and Dockerizing Spring Boot Microservices
Password encryption
- [Instructor] In the last video, we saw how a user could provide their username and password to be authenticated with the authentication manager and a user detail service. But how was that password verified? The password let me in was not stored in the database. Instead, there was a long nonsensical string in data.sql. That long string is actually a hashed value created by the Spring BCrypt algorithm. The authentication manager requires a password encoder bean in order to encode the plain text password and then compares it to the previously encoded value in the database. I'm repeating a pattern from the Spring Security course by initializing it to 12. Now, how about creating a new user and encode the password? There's a new method in UserService that does just that. In this sign up method, it creates a new user with the CSR role as long as the username does not already exist. Now, let's run this method from an integration test. So, I have a UserServiceIntegrationTest and we will run…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.