Hashing and Salting passwords with Spring Security PasswordEncoder

Getting the details right when implementing password storage is critical. Some hash algorithms are vulnerable or just not suited to password hashing. If the salt is too short or predictable, it may be possible to retrieve the password from the hash. Any number of subtle bugs in coding could result in a password database that is vulnerable in one way or another. Fortunately, Spring Security includes password hashing out of the box. What’s more, since version 3.1, Spring Security automatically takes care of salting too.

Testing with mock users in Spring / Spring MVC

A common unit test scenario for Spring / Spring MVC applications is to verify behavior when logged in as a particular user. The new spring-security-test library available with Spring Security version 4 makes testing user access controls in Spring and Spring MVC applications far simpler.

Testing for SimpleDateFormat thread safety

Declaring an instance of SimpleDateFormat as a constant (static final class member) is usually bad. But then again, it’s a very obvious thing to do.

MockMVC to test Spring MVC form validation

The MockMVC class allows tests to be run against a real Spring application context without actually having to run the complete application in a Servlet container.

Spring MVC Maven Archetype

In less than five minutes and just three Maven commands, I was able to create, compile and run a fully working example Spring MVC application.