Spring Security:password encoding in DB and in applicationContext

If you are choosing a hashing system yourself, rather than building an app using an existing database which already contains hashed passwords, then you should make sure your hashing algorithm also uses a salt. Don’t just use a plain digest. A good choice is bcrypt, which we now support directly in Spring Security 3.1 via … Read more

Can I negate (!) a collection of spring profiles?

Since Spring 5.1 (incorporated in Spring Boot 2.1) it is possible to use a profile expression inside profile string annotation (see the description in Profile.of(..) for details). So to exclude your bean from certain profiles you can use an expression like this: @Profile(“!dev & !prof1 & !prof2”) Other logical operators can be used as well, … Read more

tech