Spring Security Framework

org.springframework.security.providers.encoding
Class MessageDigestPasswordEncoder

java.lang.Object
  extended by org.springframework.security.providers.encoding.BasePasswordEncoder
      extended by org.springframework.security.providers.encoding.BaseDigestPasswordEncoder
          extended by org.springframework.security.providers.encoding.MessageDigestPasswordEncoder
All Implemented Interfaces:
PasswordEncoder
Direct Known Subclasses:
Md5PasswordEncoder, ShaPasswordEncoder

public class MessageDigestPasswordEncoder
extends BaseDigestPasswordEncoder

Base for digest password encoders.

This class can be used stand-alone, or one of the subclasses can be used for compatiblity and convenience. When using this class directly you must specify a Message Digest Algorithm to use as a constructor arg

The encoded password hash is normally returned as Hex (32 char) version of the hash bytes. Setting the encodeHashAsBase64 property to true will cause the encoded pass to be returned as Base64 text, which will consume 24 characters. See BaseDigestPasswordEncoder.setEncodeHashAsBase64(boolean)

This PasswordEncoder can be used directly as in the following example:

 <bean id="passwordEncoder" class="org.springframework.security.providers.encoding.MessageDigestPasswordEncoder">
     <constructor-arg value="MD5"/>
 </bean>
 

Since:
1.0.1
Author:
Ray Krueger

Constructor Summary
MessageDigestPasswordEncoder(String algorithm)
          The digest algorithm to use Supports the named Message Digest Algorithms in the Java environment.
MessageDigestPasswordEncoder(String algorithm, boolean encodeHashAsBase64)
          Convenience constructor for specifying the algorithm and whether or not to enable base64 encoding
 
Method Summary
 String encodePassword(String rawPass, Object salt)
          Encodes the rawPass using a MessageDigest.
 String getAlgorithm()
           
protected  MessageDigest getMessageDigest()
          Get a MessageDigest instance for the given algorithm.
 boolean isPasswordValid(String encPass, String rawPass, Object salt)
          Takes a previously encoded password and compares it with a rawpassword after mixing in the salt and encoding that value
 
Methods inherited from class org.springframework.security.providers.encoding.BaseDigestPasswordEncoder
getEncodeHashAsBase64, setEncodeHashAsBase64
 
Methods inherited from class org.springframework.security.providers.encoding.BasePasswordEncoder
demergePasswordAndSalt, mergePasswordAndSalt
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

MessageDigestPasswordEncoder

public MessageDigestPasswordEncoder(String algorithm)
The digest algorithm to use Supports the named Message Digest Algorithms in the Java environment.

Parameters:
algorithm -

MessageDigestPasswordEncoder

public MessageDigestPasswordEncoder(String algorithm,
                                    boolean encodeHashAsBase64)
                             throws IllegalArgumentException
Convenience constructor for specifying the algorithm and whether or not to enable base64 encoding

Parameters:
algorithm -
encodeHashAsBase64 -
Throws:
IllegalArgumentException - if an unknown
Method Detail

encodePassword

public String encodePassword(String rawPass,
                             Object salt)
Encodes the rawPass using a MessageDigest. If a salt is specified it will be merged with the password before encoding.

Parameters:
rawPass - The plain text password
salt - The salt to sprinkle
Returns:
Hex string of password digest (or base64 encoded string if encodeHashAsBase64 is enabled.

getMessageDigest

protected final MessageDigest getMessageDigest()
                                        throws IllegalArgumentException
Get a MessageDigest instance for the given algorithm. Throws an IllegalArgumentException if algorithm is unknown

Returns:
MessageDigest instance
Throws:
IllegalArgumentException - if NoSuchAlgorithmException is thrown

isPasswordValid

public boolean isPasswordValid(String encPass,
                               String rawPass,
                               Object salt)
Takes a previously encoded password and compares it with a rawpassword after mixing in the salt and encoding that value

Parameters:
encPass - previously encoded password
rawPass - plain text password
salt - salt to mix into password
Returns:
true or false

getAlgorithm

public String getAlgorithm()

Spring Security Framework

Copyright © 2004-2010 SpringSource, Inc. All Rights Reserved.