Implementing PasswordEncryptorDelegate

As mentioned, our implementation of PasswordEncryptor will delegate the actual encryption to Spring Security's PasswordEncoder implementation. Here is how PasswordEncryptorDelegate looks:

...
@Component
public class PasswordEncryptorDelegate implements PasswordEncryptor {

  private PasswordEncoder passwordEncoder;

  public PasswordEncryptorDelegator(PasswordEncoder passwordEncoder) {
    this.passwordEncoder = passwordEncoder;
  }

  @Override
  public String encrypt(String rawPassword) {
    return encoder.encode(rawPassword);
  }
}

As you can see, this is quite straightforward. Spring Security offers multiple implementations of PasswordEncoder, and we will use BCryptPasswordEncoder here. Let's instantiate BCryptPasswordEncoder as the following in SecurityConfiguration so that Spring can inject it into PasswordEncryptorDelegate:

@Bean
public PasswordEncoder passwordEncoder() {
 return new BCryptPasswordEncoder();
}

BCryptPasswordEncoder uses the BCrypt strong hashing function and it is considered to be more secure than algorithms such as SHA-256. Now, we can try to register new users. As you should see, in the database the password is encrypted now. As usual, let's commit the change after a successful build with the mvn clean install command. Here is the commit record:

Figure 10.15:Implementing PasswordEncryptorDelegate commit
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.16.79.147