Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-1331: Allow omission of password field in user-service users #1579

spring-issuemaster opened this Issue Dec 16, 2009 · 2 comments


None yet
2 participants

Luke Taylor (Migrated from SEC-1331) said:

For such users, the namespace would generate a random password value, preventing authentication as those users. This makes sense in situations where the service is only used to load supplementary post-authentication data (user authorities). Typically this is the case with CAS, OpenID, Pre-Authentication.

Luke Taylor said:

Updated schema and parser to allow empty password, generating a random one internally. Modified OpenID sample to use the alternative syntax.

@spring-issuemaster spring-issuemaster added this to the 3.0.0 milestone Feb 5, 2016


rwinch commented Feb 6, 2016

This issue supersedes #1576

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment