BasePasswordEncoder (Spring Security 3.0.0.RELEASE API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.authentication.encoding
Class BasePasswordEncoder

java.lang.Object
  org.springframework.security.authentication.encoding.BasePasswordEncoder

All Implemented Interfaces:: PasswordEncoder

Direct Known Subclasses:: BaseDigestPasswordEncoder, PlaintextPasswordEncoder

public abstract class BasePasswordEncoder
extends Object
implements PasswordEncoder
extends Object
implements PasswordEncoder

Convenience base for all password encoders.

Version:: $Id: BasePasswordEncoder.java 3550 2009-04-13 13:43:23Z ltaylor $
Author:: Ben Alex

Constructor Summary
`BasePasswordEncoder()`

Method Summary
`protected String[]`	`demergePasswordAndSalt(String mergedPasswordSalt)` Used by subclasses to extract the password and salt from a merged `String` created using `mergePasswordAndSalt(String,Object,boolean)`.
`protected String`	`mergePasswordAndSalt(String password, Object salt, boolean strict)` Used by subclasses to generate a merged password and salt `String`.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Methods inherited from interface org.springframework.security.authentication.encoding.PasswordEncoder
`encodePassword, isPasswordValid`

Constructor Detail

BasePasswordEncoder

public BasePasswordEncoder()

Method Detail

demergePasswordAndSalt

protected String[] demergePasswordAndSalt(String mergedPasswordSalt)

Used by subclasses to extract the password and salt from a merged String created using mergePasswordAndSalt(String,Object,boolean).

The first element in the returned array is the password. The second element is the salt. The salt array element will always be present, even if no salt was found in the mergedPasswordSalt argument.

Parameters:: mergedPasswordSalt - as generated by mergePasswordAndSalt
Returns:: an array, in which the first element is the password and the second the salt
Throws:: IllegalArgumentException - if mergedPasswordSalt is null or empty.

mergePasswordAndSalt

protected String mergePasswordAndSalt(String password,
                                      Object salt,
                                      boolean strict)

Used by subclasses to generate a merged password and salt String.

The generated password will be in the form of password{salt}.

A null can be passed to either method, and will be handled correctly. If the salt is null or empty, the resulting generated password will simply be the passed password. The toString method of the salt will be used to represent the salt.

Parameters:: password - the password to be used (can be null); salt - the salt to be used (can be null); strict - ensures salt doesn't contain the delimiters
Returns:: a merged password and salt String
Throws:: IllegalArgumentException - if the salt contains '{' or '}' characters.