58 lines
1.4 KiB
Plaintext
58 lines
1.4 KiB
Plaintext
include::../description.adoc[]
|
|
|
|
== Noncompliant Code Example
|
|
|
|
[source,java]
|
|
----
|
|
@Autowired
|
|
public void configureGlobal(AuthenticationManagerBuilder auth, DataSource dataSource) throws Exception {
|
|
auth.jdbcAuthentication()
|
|
.dataSource(dataSource)
|
|
.usersByUsernameQuery("SELECT * FROM users WHERE username = ?")
|
|
.passwordEncoder(new StandardPasswordEncoder()); // Noncompliant
|
|
|
|
// OR
|
|
auth.jdbcAuthentication()
|
|
.dataSource(dataSource)
|
|
.usersByUsernameQuery("SELECT * FROM users WHERE username = ?"); // Noncompliant; default uses plain-text
|
|
|
|
// OR
|
|
auth.userDetailsService(...); // Noncompliant; default uses plain-text
|
|
// OR
|
|
auth.userDetailsService(...).passwordEncoder(new StandardPasswordEncoder()); // Noncompliant
|
|
}
|
|
----
|
|
|
|
== Compliant Solution
|
|
|
|
[source,java]
|
|
----
|
|
@Autowired
|
|
public void configureGlobal(AuthenticationManagerBuilder auth, DataSource dataSource) throws Exception {
|
|
auth.jdbcAuthentication()
|
|
.dataSource(dataSource)
|
|
.usersByUsernameQuery("Select * from users where username=?")
|
|
.passwordEncoder(new BCryptPasswordEncoder());
|
|
|
|
// or
|
|
auth.userDetailsService(null).passwordEncoder(new BCryptPasswordEncoder());
|
|
}
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|