Spring Security
  1. Spring Security
  2. SEC-1655

Allow pluggable Base64 encoders in the MessageDigestPasswordEncoder

    Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Won't Fix
    • Affects Version/s: 3.0.5
    • Fix Version/s: 3.1.0.RC1
    • Component/s: Core
    • Labels:
      None

      Description

      Currently, the option to Base64 encode is hard coded. We use the PasswordEncoder not only for passwords, but for generating one time tokens as well. The encoding with "/" and "=" can be a bit frustrating when dealing with tokens and the web tier. It would be nice if we had the option to use our own Base64 encoder to allow us to always generate web compliant base64 .

        Activity

        Hide
        Luke Taylor added a comment -

        I'd prefer to keep Base64 encoding as an internal implementation detail as it is now.This isn't really what the PasswordEncoder interface is intended for so I'd recommend you create your own token generator strategy interface.

        Show
        Luke Taylor added a comment - I'd prefer to keep Base64 encoding as an internal implementation detail as it is now.This isn't really what the PasswordEncoder interface is intended for so I'd recommend you create your own token generator strategy interface.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Todd Nine
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: