Description
Expected Behavior
For my testing environment, I have specified a user in memory as shown below. Per the documentation, it is not expected to work because there is no password encoding and I did not specify the prefix {noop} in my password.
@Bean
public InMemoryUserDetailsManager userDetailsService() {
UserDetails user1 = User.builder()
.username("user")
.password("password")
.roles("USER")
.build();
return new InMemoryUserDetailsManager(user1);
}It would be great to have an error message such as:
You have entered a password with no PasswordEncoder. If that is your intent, it should be prefixed with `{noop}`
Current Behavior
We currently have this error message:
java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null"
at org.springframework.security.crypto.password.DelegatingPasswordEncoder$UnmappedIdPasswordEncoder.matches(DelegatingPasswordEncoder.java:289) ~[spring-security-crypto-6.2.3.jar:6.2.3]
To be honest, it took me a while to figure out what was happening and I'm sure it would help other users if the message could be more specific.
Context
- Spring Boot 3.2.4
- Spring Security 6.2.3
Thanks a lot for the great work!