Spring Security:password encoding in DB and in applicationContext
If you are choosing a hashing system yourself, rather than building an app using an existing database which already contains hashed passwords, then you should make sure your hashing algorithm also uses a salt. Don’t just use a plain digest. A good choice is bcrypt, which we now support directly in Spring Security 3.1 via … Read more