How to retrieve user password in Spring Security

Asked Aug 18 '17 at 12:47

Active Aug 18 '17 at 12:47

Viewed 1,019 times

How to retrieve user password in Spring Security (java configuration)? I tried this:

@Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.eraseCredentials(false);
    }

and this:

Object credentials = authentication.getCredentials();

but the credentials returned are always null.

asked Aug 18 '17 at 12:47

sva605

1

Possible duplicate of [UserDetails getPassword returns null in spring security 3.1. How to get password of currently logged in user?](https://stackoverflow.com/questions/14303081/userdetails-getpassword-returns-null-in-spring-security-3-1-how-to-get-password) – Juan Carlos Mendoza Aug 18 '17 at 12:51
No. There is a solution there for xml configuration, not for java – sva605 Aug 18 '17 at 12:54
[Here](http://docs.spring.io/spring-security/site/docs/4.2.3.RELEASE/reference/htmlsingle/#core-services-erasing-credentials) says that Spring Security will attempt to clear any sensitive credentials information from the Authentication object which is returned by a successful authentication request. It also specifies that you can disable that feature. Check it out. – Juan Carlos Mendoza Aug 18 '17 at 12:59
It does not say how to do that – sva605 Aug 20 '17 at 11:40
@sva605 Have you managed to get password? – Praveen Gopal Feb 20 '20 at 10:49

0 Answers0