Hash password

[adhikasp]

Never ever store a plaintext password.

Some reference:

• https://www.mkyong.com/spring-security/spring-security-password-hashing-example/
• http://www.baeldung.com/spring-security-registration-password-encoding-bcrypt

[adhikasp]

If we implement this, it's a good idea to integrate the hashing method inside of user.setPassword() method too.

[DitoRaharjo]

okay, I already know bcrypt from laravel, but in laravel when I had to authenticated user's password from login and database I use hashCheck(), looks like this

if (Hash::check($pengguna_data['password_lama'], $pengguna->password) ) {
...
}`

is it the same thing with this example with spring? (I read it from your url reference : http://www.baeldung.com/spring-security-registration-password-encoding-bcrypt)

public class SecSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(authProvider());
    }

    ...
}

@adhikasp

[riencus]

Just asking, don't we (blibli-future) need to save user's data using LDAP? Have any of you done any research on using it @DitoRaharjo @adhikasp ?

[DitoRaharjo]

@arielchristianto We still confused about how to integrate LDAP with our project, so we use Basic Auth instead 💃