Skip to content

Replace SpringUtils in DelegatingPasswordEncoder.UnmappedIdPasswordEncoder #16442

New issue
New issue
Closed
#16479
Closed
Replace SpringUtils in DelegatingPasswordEncoder.UnmappedIdPasswordEncoder#16442
#16479
Assignees
sjohnr
Labels
in: cryptoAn issue in spring-security-cryptostatus: duplicateA duplicate of another issuetype: enhancementA general enhancement
Milestone
 
6.5.0-M2
@ChristianHoesel

Description

@ChristianHoesel
ChristianHoesel
opened on Jan 18, 2025

Expected Behavior

The class org.springframework.security.crypto.password.DelegatingPasswordEncoder.UnmappedIdPasswordEncoder should not use org.springframework.util.StringUtils to allow usage in non Spring environments.

Current Behavior

org.springframework:spring-core has to be within my dependencies to use the DelegatingPasswordEncoder and it's only used in one methode

spring-security/crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java

Line 298 in d3332e1

public boolean matches(CharSequence rawPassword, String prefixEncodedPassword) {

Right now the dependency to org.springframework:spring-core is optional and for the usage of the most PasswordEncoder implementations not necessary.

The Usage of StringUtils can easily be replaced.

Context
I am having an Eclipse RCP (OSGi) project, where I want to use the DelegatingPasswordEncoder right away without adding org.springframework:spring-core to my dependencies.

Metadata

Metadata

Assignees

Labels

in: cryptoAn issue in spring-security-cryptostatus: duplicateA duplicate of another issuetype: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions