Getting the details right when implementing password storage is critical. Some hash algorithms are vulnerable or just not suited to password hashing. If the salt is too short or predictable, it may be possible to retrieve the password from the hash. Any number of subtle bugs in coding could result in a password database that is vulnerable in one way or another. Fortunately, Spring Security includes password hashing out of the box. What’s more, since version 3.1, Spring Security automatically takes care of salting too.
Stuart 'Stevie' Leitch's blog on Software Development, Java Technologies, Security and Testing
Tagsapm appdynamics archetype blame bug ci container DBUnit deploy docker Dockerfile Docker Hub github hibernate image integration test jetty junit maven microservice mistake MockMVC MySQL netbeans repository REST RestTemplateBuilder scm Security SOAP software development spanners spring Spring-WS spring boot spring mvc spring security tapestry test testing tomcat unit test VM windows WithMockUser