Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document NoOpPasswordEncoder will not be removed #8506

Closed
rwinch opened this issue May 8, 2020 · 0 comments · Fixed by #8508
Closed

Document NoOpPasswordEncoder will not be removed #8506

rwinch opened this issue May 8, 2020 · 0 comments · Fixed by #8508
Assignees
@rwinch
Labels
in: core An issue in spring-security-core status: backported An issue that has been backported to maintenance branches type: bug A general bug
Milestone
5.4.0-M2

Comments

@rwinch
Copy link
Member

rwinch commented May 8, 2020
edited
Loading

While, NoOpPasswordEncoder is marked as deprecated we should clearly indicate that it is not going to be removed. Many of the other insecure PasswordEncoder implementations (i.e. MessageDigestPasswordEncoder) have the following in the deprecation warning:

There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.

We should add the same to NoOpPasswordEncoder

See gh-8498
@rwinch rwinch added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement status: ideal-for-contribution An issue that we actively are looking for someone to help us with labels May 8, 2020
@rwinch rwinch mentioned this issue May 8, 2020
Closed
dadikovi added a commit to dadikovi/spring-security that referenced this issue May 9, 2020
@dadikovi
Document NoOpPasswordEncoder will not be removed
1d4cd5d 
This commit adds extension to deprecation notice.

Fixes spring-projectsgh-8506
@dadikovi dadikovi mentioned this issue May 9, 2020
Merged
@rwinch rwinch self-assigned this May 13, 2020
@rwinch rwinch added status: duplicate A duplicate of another issue in: core An issue in spring-security-core type: bug A general bug and removed status: ideal-for-contribution An issue that we actively are looking for someone to help us with status: waiting-for-triage An issue we've not yet triaged status: duplicate A duplicate of another issue type: enhancement A general enhancement labels May 13, 2020
rwinch pushed a commit that referenced this issue May 13, 2020
@dadikovi @rwinch
Document NoOpPasswordEncoder will not be removed
db4ca1f 
This commit adds extension to deprecation notice.

Fixes gh-8506
@rwinch rwinch added this to the 5.4.0-M2 milestone May 13, 2020
rwinch pushed a commit that referenced this issue May 13, 2020
@dadikovi @rwinch
Document NoOpPasswordEncoder will not be removed
d6f827c 
This commit adds extension to deprecation notice.

Fixes gh-8506
@spring-projects-issues spring-projects-issues added the status: backported An issue that has been backported to maintenance branches label May 13, 2020
Closed
rwinch pushed a commit that referenced this issue May 13, 2020
@dadikovi @rwinch
Document NoOpPasswordEncoder will not be removed
e382c26 
This commit adds extension to deprecation notice.

Fixes gh-8506
Closed
rwinch pushed a commit that referenced this issue May 13, 2020
@dadikovi @rwinch
Document NoOpPasswordEncoder will not be removed
faa02e8 
This commit adds extension to deprecation notice.

Fixes gh-8506
Closed
rwinch pushed a commit that referenced this issue May 13, 2020
@dadikovi @rwinch
Document NoOpPasswordEncoder will not be removed
e8daeac 
This commit adds extension to deprecation notice.

Fixes gh-8506
Closed
rwinch pushed a commit that referenced this issue May 13, 2020
@dadikovi @rwinch
Document NoOpPasswordEncoder will not be removed
a9c8b35 
This commit adds extension to deprecation notice.

Fixes gh-8506
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rwinch rwinch

Labels
in: core An issue in spring-security-core status: backported An issue that has been backported to maintenance branches type: bug A general bug
Projects
None yet
Milestone
5.4.0-M2
Development

Successfully merging a pull request may close this issue.

Document NoOpPasswordEncoder will not be removed dadikovi/spring-security
2 participants
@rwinch @spring-projects-issues