(window.webpackJsonp=window.webpackJsonp||[]).push([[240],{664:function(e,t,s){"use strict";s.r(t);var r=s(56),a=Object(r.a)({},(function(){var e=this,t=e.$createElement,s=e._self._c||t;return s("ContentSlotsDistributor",{attrs:{"slot-key":e.$parent.slotKey}},[s("h1",{attrs:{id:"in-memory-authentication"}},[s("a",{staticClass:"header-anchor",attrs:{href:"#in-memory-authentication"}},[e._v("#")]),e._v(" In-Memory Authentication")]),e._v(" "),s("p",[e._v("Spring Security’s "),s("code",[e._v("InMemoryUserDetailsManager")]),e._v(" implements "),s("RouterLink",{attrs:{to:"/en/spring-security/user-details-service.html#servlet-authentication-userdetailsservice"}},[e._v("UserDetailsService")]),e._v(" to provide support for username/password based authentication that is stored in memory."),s("code",[e._v("InMemoryUserDetailsManager")]),e._v(" provides management of "),s("code",[e._v("UserDetails")]),e._v(" by implementing the "),s("code",[e._v("UserDetailsManager")]),e._v(" interface."),s("code",[e._v("UserDetails")]),e._v(" based authentication is used by Spring Security when it is configured to "),s("RouterLink",{attrs:{to:"/en/spring-security/index.html#servlet-authentication-unpwd-input"}},[e._v("accept a username/password")]),e._v(" for authentication.")],1),e._v(" "),s("p",[e._v("In this sample we use "),s("RouterLink",{attrs:{to:"/features/authentication/password-storage.html#authentication-password-storage-boot-cli"}},[e._v("Spring Boot CLI")]),e._v(" to encode the password of "),s("code",[e._v("password")]),e._v(" and get the encoded password of "),s("code",[e._v("{bcrypt}$2a$10$GRLdNijSQMUvl/au9ofL.eDwmoohzzS7.rmNSJZ.0FxO/BTk76klW")]),e._v(".")],1),e._v(" "),s("p",[e._v("Example 1. InMemoryUserDetailsManager Java Configuration")]),e._v(" "),s("p",[e._v("Java")]),e._v(" "),s("div",{staticClass:"language- extra-class"},[s("pre",{pre:!0,attrs:{class:"language-text"}},[s("code",[e._v('@Bean\npublic UserDetailsService users() {\n\tUserDetails user = User.builder()\n\t\t.username("user")\n\t\t.password("{bcrypt}$2a$10$GRLdNijSQMUvl/au9ofL.eDwmoohzzS7.rmNSJZ.0FxO/BTk76klW")\n\t\t.roles("USER")\n\t\t.build();\n\tUserDetails admin = User.builder()\n\t\t.username("admin")\n\t\t.password("{bcrypt}$2a$10$GRLdNijSQMUvl/au9ofL.eDwmoohzzS7.rmNSJZ.0FxO/BTk76klW")\n\t\t.roles("USER", "ADMIN")\n\t\t.build();\n\treturn new InMemoryUserDetailsManager(user, admin);\n}\n')])])]),s("p",[e._v("XML")]),e._v(" "),s("div",{staticClass:"language- extra-class"},[s("pre",{pre:!0,attrs:{class:"language-text"}},[s("code",[e._v('\n\t\n\t\n\n')])])]),s("p",[e._v("Kotlin")]),e._v(" "),s("div",{staticClass:"language- extra-class"},[s("pre",{pre:!0,attrs:{class:"language-text"}},[s("code",[e._v('@Bean\nfun users(): UserDetailsService {\n val user = User.builder()\n .username("user")\n .password("{bcrypt}$2a$10\\$GRLdNijSQMUvl/au9ofL.eDwmoohzzS7.rmNSJZ.0FxO/BTk76klW")\n .roles("USER")\n .build()\n val admin = User.builder()\n .username("admin")\n .password("{bcrypt}$2a$10\\$GRLdNijSQMUvl/au9ofL.eDwmoohzzS7.rmNSJZ.0FxO/BTk76klW")\n .roles("USER", "ADMIN")\n .build()\n return InMemoryUserDetailsManager(user, admin)\n}\n')])])]),s("p",[e._v("The samples above store the passwords in a secure format, but leave a lot to be desired in terms of getting started experience.")]),e._v(" "),s("p",[e._v("In the sample below we leverage "),s("RouterLink",{attrs:{to:"/features/authentication/password-storage.html#authentication-password-storage-dep-getting-started"}},[e._v("User.withDefaultPasswordEncoder")]),e._v(" to ensure that the password stored in memory is protected.\nHowever, it does not protect against obtaining the password by decompiling the source code.\nFor this reason, "),s("code",[e._v("User.withDefaultPasswordEncoder")]),e._v(' should only be used for "getting started" and is not intended for production.')],1),e._v(" "),s("p",[e._v("Example 2. InMemoryUserDetailsManager with User.withDefaultPasswordEncoder")]),e._v(" "),s("p",[e._v("Java")]),e._v(" "),s("div",{staticClass:"language- extra-class"},[s("pre",{pre:!0,attrs:{class:"language-text"}},[s("code",[e._v('@Bean\npublic UserDetailsService users() {\n\t// The builder will ensure the passwords are encoded before saving in memory\n\tUserBuilder users = User.withDefaultPasswordEncoder();\n\tUserDetails user = users\n\t\t.username("user")\n\t\t.password("password")\n\t\t.roles("USER")\n\t\t.build();\n\tUserDetails admin = users\n\t\t.username("admin")\n\t\t.password("password")\n\t\t.roles("USER", "ADMIN")\n\t\t.build();\n\treturn new InMemoryUserDetailsManager(user, admin);\n}\n')])])]),s("p",[e._v("Kotlin")]),e._v(" "),s("div",{staticClass:"language- extra-class"},[s("pre",{pre:!0,attrs:{class:"language-text"}},[s("code",[e._v('@Bean\nfun users(): UserDetailsService {\n // The builder will ensure the passwords are encoded before saving in memory\n val users = User.withDefaultPasswordEncoder()\n val user = users\n .username("user")\n .password("password")\n .roles("USER")\n .build()\n val admin = users\n .username("admin")\n .password("password")\n .roles("USER", "ADMIN")\n .build()\n return InMemoryUserDetailsManager(user, admin)\n}\n')])])]),s("p",[e._v("There is no simple way to use "),s("code",[e._v("User.withDefaultPasswordEncoder")]),e._v(" with XML based configuration.\nFor demos or just getting started, you can choose to prefix the password with "),s("code",[e._v("{noop}")]),e._v(" to indicate "),s("RouterLink",{attrs:{to:"/features/authentication/password-storage.html#authentication-password-storage-dpe-format"}},[e._v("no encoding should be used")]),e._v(".")],1),e._v(" "),s("p",[e._v("Example 3. "),s("code",[e._v("{noop}")]),e._v(" XML Configuration")]),e._v(" "),s("div",{staticClass:"language- extra-class"},[s("pre",{pre:!0,attrs:{class:"language-text"}},[s("code",[e._v('\n\t\n\t\n\n')])])]),s("p",[s("RouterLink",{attrs:{to:"/en/spring-security/storage.html"}},[e._v("Password Storage")]),s("RouterLink",{attrs:{to:"/en/spring-security/jdbc.html"}},[e._v("JDBC")])],1)])}),[],!1,null,null,null);t.default=a.exports}}]);