-1

The problem that I have is that I get the error "There is no PasswordEncoder mapped for the id "null" ". I have read about how spring security does not allow for a password to be plain text(and I understand that is for safety measures) but the problem is that I do not really know how I can fix this error

    @Override                                                                 
    protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/", "/home").permitAll().antMatchers("/admin").hasRole("ADMIN")
            .anyRequest().authenticated().and().formLogin().loginPage("/login").permitAll().and().logout()
            .permitAll();
    http.exceptionHandling().accessDeniedPage("/403");
}

and

@Autowired                                                                    
DataSource dataSource;

@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
    auth.jdbcAuthentication().dataSource(dataSource)
            .usersByUsernameQuery("select username, password, enabled from users where username=?")
            .authoritiesByUsernameQuery("select username, role from user_roles where username=?");

}
Esmer Omer
  • 65
  • 5
  • The only other thing that I have used in this project is a web controller that returns the HTML files of each and every request mapping that I have there, displaying the page /home, /admin,/login, etc. – Esmer Omer Feb 09 '21 at 12:25
  • 2
    It is highly not recommended(It is deprecated to indicate that) but you can use this to not encode password: https://stackoverflow.com/questions/56762121/configure-nooppasswordencoder-in-spring – Roie Beck Feb 09 '21 at 12:31
  • I have used that and it fixed my problem, now the question comes, how can I do so it is encrypted? I have seen some examples but I am not sure how to apply them in my case – Esmer Omer Feb 09 '21 at 12:38
  • when googling your error this is the FIRST hit, and guess who wrote that answer. PLEASE google before asking https://stackoverflow.com/questions/62770105/there-is-no-passwordencoder-mapped-for-the-id-null-in-spring-security – Toerktumlare Feb 09 '21 at 16:06

1 Answers1

0

This question has already come up before and i have already written an answer for this question here. Which is the first hit if you google this error message.

This error is also the first error mentioned in the spring security documentation.

The following error occurs when one of the passwords that are stored has no id as described in Password Storage Format.

cigien
  • 57,834
  • 11
  • 73
  • 112
Toerktumlare
  • 12,548
  • 3
  • 35
  • 54
  • I said that I have missed it :) and that it was my fault, I understood that in the comment that you made and thanked you for the heads up. I spent like 2 hours searching in bad areas but that is also a part of learning not because I did a poor research, we all start somewhere. – Esmer Omer Feb 09 '21 at 20:21
  • + after I searched "spring security encrypted password encoder problem", I did not get those results, I can send a screen snip if you want. Bad question asking? Oh well, that is still a matter one can improve, so no need to emphasize the fact that I did not research while not knowing the full context. But what you said is also true, one should research well before asking, but missing information does not mean poor research, means a not well done one. (not because of the short amount of time but because of a little amount of practice that we all grow through time) – Esmer Omer Feb 09 '21 at 20:27
  • all you need to google is `"There is no PasswordEncoder mapped for the id "null" "` please read this post, and the first answer what effort you should put in before asking on stack overflow. Just take it as a learning experience. https://meta.stackoverflow.com/questions/261592/how-much-research-effort-is-expected-of-stack-overflow-users – Toerktumlare Feb 09 '21 at 20:35
  • 1
    Please don't add meta commentary to answers. Also, note that lack of research is *never* a reason to close a question, it's only a reason to downvote. Also, if you're going to write an answer, write a complete answer, don't just link to another answer, even if it's your own. – cigien Feb 09 '21 at 21:31