Spring boot encoding filter

Question

I use spring boot and spring security and I need to encode requests. So I use encoding filter in spring security and add it before others filters. And it doesn't work. I have the following result:

@Configuration
@EnableWebSecurity
public class SecurityJavaConfig extends WebSecurityConfigurerAdapter {

@Autowired
private MyUserDetailsService myUserDetailsService;

@Autowired
private UserDao userDao;

@Autowired
private RestAuthenticationEntryPoint restAuthenticationEntryPoint;

@Autowired
private AuthenticationSuccessHandler authenticationSuccessHandler;

@Autowired
private CustomAuthenticationFailureHandler customAuthenticationFailureHandler;

@Bean(name = "myAuthenticationManager")
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
}

@Bean
public PasswordEncoder customPasswordEncoder() {
    return new PasswordEncoder() {
        @Override
        public String encode(CharSequence rawPassword) {
            return DigestUtils.md5Hex(rawPassword.toString());
        }
        @Override
        public boolean matches(CharSequence rawPassword, String encodedPassword) {
            return DigestUtils.md5Hex(rawPassword.toString()).equals(encodedPassword);
        }
    };
}

@Bean
public CustomUsernamePasswordAuthenticationFilter customUsernamePasswordAuthenticationFilter()
        throws Exception {
    CustomUsernamePasswordAuthenticationFilter customUsernamePasswordAuthenticationFilter = new CustomUsernamePasswordAuthenticationFilter(userDao);
    customUsernamePasswordAuthenticationFilter.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/login", "POST"));
    customUsernamePasswordAuthenticationFilter.setAuthenticationSuccessHandler(authenticationSuccessHandler);
    customUsernamePasswordAuthenticationFilter.setAuthenticationFailureHandler(customAuthenticationFailureHandler);
    customUsernamePasswordAuthenticationFilter
            .setAuthenticationManager(authenticationManagerBean());
    return customUsernamePasswordAuthenticationFilter;
}

@Override
protected void configure(AuthenticationManagerBuilder auth)
        throws Exception {
    auth.userDetailsService(myUserDetailsService).passwordEncoder(customPasswordEncoder());
}


@Override
protected void configure(HttpSecurity http) throws Exception {
    CharacterEncodingFilter filter = new CharacterEncodingFilter();
    filter.setEncoding("UTF-8");
    filter.setForceEncoding(true);
    http.addFilterBefore(filter,CsrfFilter.class);
    //Implementing Token based authentication in this filter
    final TokenAuthenticationFilter tokenFilter = new TokenAuthenticationFilter(userDao);
    http.addFilterBefore(tokenFilter, BasicAuthenticationFilter.class);
    http.addFilterBefore(customUsernamePasswordAuthenticationFilter(), CustomUsernamePasswordAuthenticationFilter.class);

    http.csrf().disable();
    http.cors();

    http.sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    http.exceptionHandling()
            .authenticationEntryPoint(restAuthenticationEntryPoint)
            .and()
            .authorizeRequests()
            .antMatchers("/news/create").hasAnyAuthority("ADMIN")
            .antMatchers("/news/update").hasAnyAuthority("ADMIN")
            .antMatchers("/news/update/*").hasAnyAuthority("ADMIN")
            .antMatchers("/news/delete").hasAnyAuthority("ADMIN")
            .antMatchers("/**").hasAnyAuthority("USER", "ADMIN")
            .and()
            .logout();
}

//cors configuration bean
...
}

I've used many different ways how to solve it. But nothing works... I can't now post this question because there is a lot of code. So sorry, but I have to write some sentences to post it) Thanks

Answer 1

try to add encoding config in application.properties

as below :

spring.http.encoding.charset=UTF-8
spring.http.encoding.enabled=true
spring.http.encoding.force=true

See doc for more info