Skip to content

JdbcUserDetailsManager.setEnableUpdatePassword #16863

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
rwinch opened this issue Apr 1, 2025 · 3 comments
Open

JdbcUserDetailsManager.setEnableUpdatePassword #16863

rwinch opened this issue Apr 1, 2025 · 3 comments
Assignees
@rwinch
Labels
in: core An issue in spring-security-core status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement

Comments

@rwinch
Copy link
Member

rwinch commented Apr 1, 2025
edited
Loading

JdbcUserDetailsManager should implement UserDetailsPasswordService and have a property enableUpdatePassword that is false by default (to prevent migrations that might produce passwords that are too large for the current database schema). This would allow users to easily opt into migrating passwords with JDBC. The new method would look something like this:

public UserDetails updatePassword(UserDetails user, String newPassword) {
    UserDetails updated = User.withUserDetails(user).password(newPassword).build();
    updateUser(updated);
    return updated;
}
@rwinch rwinch added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels Apr 1, 2025
@rwinch rwinch self-assigned this Apr 1, 2025
@rwinch rwinch added status: ideal-for-contribution An issue that we actively are looking for someone to help us with in: core An issue in spring-security-core and removed status: waiting-for-triage An issue we've not yet triaged labels Apr 1, 2025
@franticticktick
Copy link
Contributor

Hi @rwinch, could you assign this ticket to me please?

@vasanth-79
Copy link
Contributor

Hi @rwinch, Could you please assign this to me?

I've made the changes and raised PR #16881

@vasanth-79 vasanth-79 mentioned this issue Apr 4, 2025
Open
@rwinch
Copy link
Member Author

rwinch commented Apr 8, 2025

@vasanth-79 Thank you for the PR. Can you please add a property enableUpdatePassword that is false by default and only runs this method if true? Please also add some tests.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rwinch rwinch

Labels
in: core An issue in spring-security-core status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rwinch @franticticktick @vasanth-79