Encrypt User Password with Spring Security

In this tutorial, you will learn how to add Spring Security to your project and use it to encrypt user passwords.

I assume you already have a project created with Spring Boot, but in case you do not have one, check out my blog post on how to “Create a very simple Web Service Project with Spring Boot”.

1. Add Spring Security to pom.xml File

I will begin by adding the Spring Security dependency to the pom.xml file of my Spring Boot project. Open the pom.xml file and add the following dependency:

<!-- Security dependencies -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

Once you add the above dependency, none of your Web Service API endpoints will be available unless you provide a Bearer token in the request’s header. The Sign-up URL is usually public and should not require an authorization token.

If you want to learn how to implement user sign-up and store user details in a database, read “How to save user details to a database with Spring Data JPA”.

2. Create the BCryptPasswordEncoder Bean

To encrypt user passwords with Spring Security, we use the BCryptPasswordEncoder. You can also use BCrypt to implement a Custom Password Encoder.

Before you can start using BCryptPasswordEncoder, you need to create an instance of it and add that instance to the Spring Application Context. To do that, add the following method to the main or configuration class in your Spring Boot application.

@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder() {
    return new BCryptPasswordEncoder();
}

After adding the above method, my main Spring Boot application class looks like this:

package com.appsdeveloperblog.app.ws;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

@SpringBootApplication
public class MobileAppWsApplication {

    public static void main(String[] args) {
        SpringApplication.run(MobileAppWsApplication.class, args);
    }

    @Bean
    public BCryptPasswordEncoder bCryptPasswordEncoder() {
        return new BCryptPasswordEncoder();
    }
}

Once you have created the BCryptPasswordEncoder as a Bean, you can Autowire it into your @Service class and use it to encrypt the provided user password.

Below is an example of the Service class and a method that uses BCryptPasswordEncoder to encrypt the user password before it is saved in a database.

Please note the use of the bCryptPasswordEncoder.encode() method. It accepts the plain-text password and returns its encoded form. After the password is encoded, it can be stored securely in a database table.

bCryptPasswordEncoder.encode(String)

Below is an example of a createUser() method that uses the BCryptPasswordEncoder:

import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;

@Service
public class UserServiceImpl implements UserService {

    private final UserRepository userRepository;
    private final BCryptPasswordEncoder bCryptPasswordEncoder;

    // Constructor injection of the repository and the encoder bean
    @Autowired
    public UserServiceImpl(UserRepository userRepository,
            BCryptPasswordEncoder bCryptPasswordEncoder) {
        this.userRepository = userRepository;
        this.bCryptPasswordEncoder = bCryptPasswordEncoder;
    }

    @Override
    public UserDto createUser(UserDto userDto) {
        UserDto returnValue = new UserDto();

        ...

        // Generate secure password
        userDto.setEncryptedPassword(bCryptPasswordEncoder.encode(userDto.getPassword()));

        UserEntity userEntity = new UserEntity();
        BeanUtils.copyProperties(userDto, userEntity);

        // Record data into a database
        userEntity = userRepository.save(userEntity);

        ...

        return returnValue;
    }

}
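
BCrypt is a salted one-way hash, so the stored value is never decrypted: at sign-in the submitted password is checked against it with matches(). The following is an added example, not code from the original post; the class name BCryptVerifyDemo and the sample password are assumptions, and it runs with the spring-boot-starter-security dependency from step 1 on the classpath.

```java
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

// Hypothetical demo class (added example, not from the original post).
public class BCryptVerifyDemo {

    public static void main(String[] args) {
        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(); // default strength (cost) is 10
        String rawPassword = "correct-horse-battery-staple";         // constructed sample value

        // Sign-up: encode() draws a fresh random salt on every call, so the
        // same password produces a different stored string each time.
        String stored = encoder.encode(rawPassword);
        String storedAgain = encoder.encode(rawPassword);
        check(!stored.equals(storedAgain), "salted hashes of the same password must differ");

        // Sign-in: never re-encode and compare strings. matches() reads the salt
        // and cost from the stored value and recomputes the hash with them.
        check(encoder.matches(rawPassword, stored), "correct password must verify");
        check(encoder.matches(rawPassword, storedAgain), "verification works for any salt");
        check(!encoder.matches("wrong-password", stored), "wrong password must be rejected");

        // Raising the cost later: an encoder with strength 12 still verifies the
        // old strength-10 hash, and upgradeEncoding() flags it for re-hashing
        // at the next successful sign-in.
        BCryptPasswordEncoder stronger = new BCryptPasswordEncoder(12);
        check(stronger.matches(rawPassword, stored), "old hashes stay verifiable");
        check(stronger.upgradeEncoding(stored), "lower-cost hash should be upgraded");
        String upgraded = stronger.encode(rawPassword);
        check(!stronger.upgradeEncoding(upgraded), "new hash already uses the current cost");

        System.out.println("All BCrypt checks passed");
    }

    // Fails loudly if an expectation about the encoder does not hold.
    private static void check(boolean condition, String message) {
        if (!condition) {
            throw new IllegalStateException(message);
        }
    }
}
```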

Custom Password Encoder

You might also be interested in learning how to implement a Custom Password Encoder.

Conclusion

I hope this short blog post is of some value to you.

The Spring Boot Framework makes it very easy to add Security features to your Web Service application. Encrypting passwords is one of these features.

If you need help implementing this functionality in your project, look at my video course “RESTful Web Services with Spring Boot and Spring MVC”. In this course, I demonstrate how to implement User Sign-up and Sign-in features step-by-step.

Happy learning!
