org.acegisecurity.providers.ldap.authenticator
public class LdapShaPasswordEncoder extends java.lang.Object implements PasswordEncoder
ShaPasswordEncoder
which supports Ldap SHA and SSHA (salted-SHA) encodings. The values are
base-64 encoded and have the label "{SHA}" (or "{SSHA}") prepended to the encoded hash. These can be made lower-case
in the encoded password, if required, by setting the forceLowerCasePrefix property to true.Constructor and Description |
---|
LdapShaPasswordEncoder() |
Modifier and Type | Method and Description |
---|---|
java.lang.String |
encodePassword(java.lang.String rawPass,
java.lang.Object salt)
Calculates the hash of password (and salt bytes, if supplied) and returns a base64 encoded concatenation
of the hash and salt, prefixed with {SHA} (or {SSHA} if salt was used).
|
boolean |
isPasswordValid(java.lang.String encPass,
java.lang.String rawPass,
java.lang.Object salt)
Checks the validity of an unencoded password against an encoded one in the form
"{SSHA}sQuQF8vj8Eg2Y1hPdh3bkQhCKQBgjhQI".
|
void |
setForceLowerCasePrefix(boolean forceLowerCasePrefix) |
public java.lang.String encodePassword(java.lang.String rawPass, java.lang.Object salt)
encodePassword
in interface PasswordEncoder
rawPass
- the password to be encoded.salt
- the salt. Must be a byte array or null.public boolean isPasswordValid(java.lang.String encPass, java.lang.String rawPass, java.lang.Object salt)
isPasswordValid
in interface PasswordEncoder
encPass
- the actual SSHA or SHA encoded passwordrawPass
- unencoded password to be verified.salt
- ignored. If the format is SSHA the salt bytes will be extracted from the encoded password.public void setForceLowerCasePrefix(boolean forceLowerCasePrefix)
Copyright © 2004-2014 Interface21, Inc. All Rights Reserved.