SEC-1655: Allow pluggable Base64 encoders in the MessageDigestPasswordEncoder #1895

Closed
spring-issuemaster opened this Issue Jan 11, 2011 · 1 comment

1 participant

@spring-issuemaster

Todd Nine (Migrated from SEC-1655) said:

Currently, the option to Base64 encode is hard coded. We use the PasswordEncoder not only for passwords, but for generating one time tokens as well. The encoding with "/" and "=" can be a bit frustrating when dealing with tokens and the web tier. It would be nice if we had the option to use our own Base64 encoder to allow us to always generate web compliant base64 .

@spring-issuemaster

Luke Taylor said:

I'd prefer to keep Base64 encoding as an internal implementation detail as it is now.This isn't really what the PasswordEncoder interface is intended for so I'd recommend you create your own token generator strategy interface.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.RC1 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment