VMware vRealize Automation 8.x (2022) — Question 18

Which two statements are true regarding storing user details in Spring Security? (Choose two.)

Answer options

• A. With a custom UserDetailsService defined in the ApplicationContext, Spring Boot still creates the default user.
• B. Passwords must be hashed and the default hashing algorithm is MD5.
• C. User details can be stored in custom storage and retrieve them by implementing the UserDetailsService interface.
• D. User details can be stored in a database, in LDAP, or in-memory.
• E. The user details includes username and password but not authorities.

Correct answer: C, D

Explanation

Option C is correct because it highlights that user details can be stored in custom locations by implementing the UserDetailsService interface. Option D is also correct as it states that user details can be stored in various systems like a database, LDAP, or in-memory. The other options are incorrect due to the presence of default user creation in A, the outdated hashing method mentioned in B, and the incomplete user information described in E.