|
@@ -495,7 +495,7 @@ XML Configuration requires the `NoOpPasswordEncoder` bean name to be `passwordEn
|
|
|
|
|
|
|
|
Most applications that allow a user to specify a password also require a feature for updating that password.
|
|
Most applications that allow a user to specify a password also require a feature for updating that password.
|
|
|
|
|
|
|
|
-https://w3c.github.io/webappsec-change-password-url/[A Well-Know URL for Changing Passwords] indicates a mechanism by which password managers can discover the password update endpoint for a given application.
|
|
|
|
|
|
|
+https://w3c.github.io/webappsec-change-password-url/[A Well-Known URL for Changing Passwords] indicates a mechanism by which password managers can discover the password update endpoint for a given application.
|
|
|
|
|
|
|
|
You can configure Spring Security to provide this discovery endpoint.
|
|
You can configure Spring Security to provide this discovery endpoint.
|
|
|
For example, if the change password endpoint in your application is `/change-password`, then you can configure Spring Security like so:
|
|
For example, if the change password endpoint in your application is `/change-password`, then you can configure Spring Security like so:
|
Desmond Silveira