ClientDetailsUserDetailsService cannot anymore support empty secret
barclay-reg opened this issue · 3 comments
Summary
up to verion 2.4.0, the method ClientDetailsUserDetailsService.setPasswordEncoder
was called while initializing DaoAuthenticationProvider (see https://github.com/spring-projects/spring-security-oauth/blob/6234826671d75632d84c524da1dd8818cee1b4c2/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/config/annotation/web/configurers/AuthorizationServerSecurityConfigurer.java#L139)
Actual Behavior
since 2.5.0 this is not the case anymore. Change was made with b478e80
Version
2.5.0
@barclay-reg Can you please provide more detail as it's not clear to me if you're having a specific issue. Can you put together a test or a minimal sample that reproduces the issue.
If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.
Closing due to lack of requested feedback. If you would like us to look at this issue, please provide the requested information and we will re-open the issue.