spring-security.xml hardcoded password

Asked May 17 '16 at 10:14

Active May 17 '16 at 10:14

Viewed 106 times

I am new to spring and web applications. The guide I am following is this. The spring-security.xml is below `

<http auto-config="true">
    <intercept-url pattern="/admin**" access="ROLE_USER" />
    <form-login 
        login-page="/login" 
        default-target-url="/welcome" 
        authentication-failure-url="/login?error" 
        username-parameter="username"
        password-parameter="password" />
    <logout logout-success-url="/login?logout" />
    <!-- enable csrf protection -->
    <csrf/>
</http>

<authentication-manager>
    <authentication-provider>
      <user-service>
        <user name="mkyong" password="123456" authorities="ROLE_USER" />
      </user-service>
    </authentication-provider>
</authentication-manager>

My question is,currently there is password change option for the user. If I want to provide that option how should I do that ?

asked May 17 '16 at 10:14

Umesh Maharshi

1,571
10
12

Try use more simple way - spring security jdbc for login/auth tasks(or something more difficult). – dzrkot May 17 '16 at 10:38
I searched but couldn't find. Thanks RadhaKrishna and dzrkot. – Umesh Maharshi May 17 '16 at 10:58

spring-security.xml hardcoded password

0 Answers0