These are chat archives for alvarosanchez/spring-security-rest

17th
Dec 2014
Yanis Ikene
@yanisIk
Dec 17 2014 15:19
I also found something exploitable : Let's say I signup with OAuth, then a user will be created with my id and no password. Then let's say I login after that using /api/login and just enter my id and N/A password, will it login ? Do I have to modify the login controller too ?