Just wondering . . . Why doesn't the AbstractUsernamePasswordAuthenticationHandler encode the password before passing the credentials to the subclass for authentication? I haven't seen a subclass that does anything with the PasswordEncoder. Carlos