[Fixed] Spring Security Error: There is no PasswordEncoder mapped for the id "null"

Details
Written by  
Last Updated on 31 March 2020   |   Print  Email



[Master REST API Development and Java and Spring Boot]
While implementing authentication using Spring Security, you may get this error when testing login function:

java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null"

Or null can be any unknown password encoding algorithm.

To fix this error, you need to specify a password encoder explicitly this way:

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

	@Bean
	public PasswordEncoder passwordEncoder() {
		return new BCryptPasswordEncoder();	
	}
	
	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		...
	}


	@Override
	protected void configure(HttpSecurity http) throws Exception {
		...
	}
}
 

Or, in case you’re using in-memory authentication, specify the password encoder like this:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
	auth.inMemoryAuthentication()
	
		.passwordEncoder(new BCryptPasswordEncoder())
		
		.withUser("namhm").password("$2a$10$fUXt47JTx/Rv/OHBkQgqAOvan445zDU7tCZcHr...")
		.roles("USER")
		;
}
If you are using JDBC, fix the error “there is no PasswordEncoder mapped” as follows:

@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {

	auth.jdbcAuthentication().passwordEncoder(new BCryptPasswordEncoder());
	
}
 

You may also get the same error if you specify wrong prefix for in-memory password accidentally like this:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
	auth.inMemoryAuthentication()
		.withUser("namhm").password("{bvrypt}$2a$10$fUXt47JTx/Rv/OHBkQgqAOvan445zDU7tCZcHr...")
		.roles("USER")
		;
}
Spring will report this error:

java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "bvrypt"



So to fix this error, you need to correct the prefix, e.g. {bcrypt} is for BCrypt password encoder.

 

Related Spring Security Tutorials:

 

Other Spring Tutorials:


About the Author:

is certified Java programmer (SCJP and SCWCD). He began programming with Java back in the days of Java 1.4 and has been passionate about it ever since. You can connect with him on Facebook and watch his Java videos on YouTube.