This answer comes provided with a complete and working sample and unit tests
Let's simplify things a little bit. If you are using formLogin() all you have to do is specify a UserDetailsBean and you can accompany it with an encoder
@Bean
public PasswordEncoder passwordEncoder(){
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}
@Bean
public UserDetailsService userDetailsService() {
return new InMemoryUserDetailsManager(
builder()
.passwordEncoder(input -> passwordEncoder().encode(input))
.username("user")
.password("123")
.roles("USER")
.build(),
builder()
.passwordEncoder(input -> passwordEncoder().encode(input))
.username("admin")
.password("password")
.roles("USER", "ADMIN")
.build()
);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http
//application security
.authorizeRequests()
.mvcMatchers("/non-secure/**").permitAll()
.anyRequest().fullyAuthenticated()
.and()
.formLogin()
;
// @formatter:on
}
You are more than welcome to download the sample and run the unit tests in your IDE
Now this is not preferred way because you have clear text passwords in your code. You can replace this with a manager that already has the passwords encrypted.
@Bean
public UserDetailsService userDetailsService() {
return new InMemoryUserDetailsManager(
builder()
.username("user")
.password("{bcrypt}$2a$10$C8c78G3SRJpy268vInPUFu.3lcNHG9SaNAPdSaIOy.1TJIio0cmTK")
.roles("USER")
.build(),
builder()
.username("admin")
.password("{bcrypt}$2a$10$XvWhl0acx2D2hvpOPd/rPuPA48nQGxOFom1NqhxNN9ST1p9lla3bG")
.roles("USER", "ADMIN")
.build()
);
}
If this answer helped you, please upvote it.