org.acegisecurity.providers.ldap.authenticator
Class LdapShaPasswordEncoder
java.lang.Object
org.acegisecurity.providers.ldap.authenticator.LdapShaPasswordEncoder
- All Implemented Interfaces:
- PasswordEncoder
public class LdapShaPasswordEncoder
- extends Object
- implements PasswordEncoder
A version of ShaPasswordEncoder
which supports Ldap SHA and SSHA (salted-SHA) encodings. The values are
base-64 encoded and have the label "{SHA}" (or "{SSHA}") prepended to the encoded hash. These can be made lower-case
in the encoded password, if required, by setting the forceLowerCasePrefix property to true.
- Version:
- $Id: LdapShaPasswordEncoder.java 1958 2007-08-27 16:23:14Z luke_t $
- Author:
- Luke Taylor
Method Summary |
String |
encodePassword(String rawPass,
Object salt)
Calculates the hash of password (and salt bytes, if supplied) and returns a base64 encoded concatenation
of the hash and salt, prefixed with {SHA} (or {SSHA} if salt was used). |
boolean |
isPasswordValid(String encPass,
String rawPass,
Object salt)
Checks the validity of an unencoded password against an encoded one in the form
"{SSHA}sQuQF8vj8Eg2Y1hPdh3bkQhCKQBgjhQI". |
void |
setForceLowerCasePrefix(boolean forceLowerCasePrefix)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
LdapShaPasswordEncoder
public LdapShaPasswordEncoder()
encodePassword
public String encodePassword(String rawPass,
Object salt)
- Calculates the hash of password (and salt bytes, if supplied) and returns a base64 encoded concatenation
of the hash and salt, prefixed with {SHA} (or {SSHA} if salt was used).
- Specified by:
encodePassword
in interface PasswordEncoder
- Parameters:
rawPass
- the password to be encoded.salt
- the salt. Must be a byte array or null.
- Returns:
- the encoded password in the specified format
isPasswordValid
public boolean isPasswordValid(String encPass,
String rawPass,
Object salt)
- Checks the validity of an unencoded password against an encoded one in the form
"{SSHA}sQuQF8vj8Eg2Y1hPdh3bkQhCKQBgjhQI".
- Specified by:
isPasswordValid
in interface PasswordEncoder
- Parameters:
encPass
- the actual SSHA or SHA encoded passwordrawPass
- unencoded password to be verified.salt
- ignored. If the format is SSHA the salt bytes will be extracted from the encoded password.
- Returns:
- true if they match (independent of the case of the prefix).
setForceLowerCasePrefix
public void setForceLowerCasePrefix(boolean forceLowerCasePrefix)
Copyright © 2004-2012 Interface21, Inc. All Rights Reserved.