|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.springframework.security.authentication.encoding.BasePasswordEncoder org.springframework.security.authentication.encoding.BaseDigestPasswordEncoder org.springframework.security.authentication.encoding.MessageDigestPasswordEncoder
public class MessageDigestPasswordEncoder
Base for digest password encoders.
This class can be used stand-alone, or one of the subclasses can be used for compatiblity and convenience. When using this class directly you must specify a Message Digest Algorithm to use as a constructor arg.
The encoded password hash is normally returned as Hex (32 char) version of the hash bytes.
Setting the encodeHashAsBase64 property to true will cause the encoded pass to be returned
as Base64 text, which will consume 24 characters.
See BaseDigestPasswordEncoder.setEncodeHashAsBase64(boolean)
This PasswordEncoder
can be used directly as in the following example:
<bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.MessageDigestPasswordEncoder"> <constructor-arg value="MD5"/> </bean>
If desired, the iterations
property can be set to enable
"password stretching" for the digest calculation.
Constructor Summary | |
---|---|
MessageDigestPasswordEncoder(java.lang.String algorithm)
The digest algorithm to use Supports the named Message Digest Algorithms in the Java environment. |
|
MessageDigestPasswordEncoder(java.lang.String algorithm,
boolean encodeHashAsBase64)
Convenience constructor for specifying the algorithm and whether or not to enable base64 encoding |
Method Summary | |
---|---|
java.lang.String |
encodePassword(java.lang.String rawPass,
java.lang.Object salt)
Encodes the rawPass using a MessageDigest. |
java.lang.String |
getAlgorithm()
|
protected java.security.MessageDigest |
getMessageDigest()
Get a MessageDigest instance for the given algorithm. |
boolean |
isPasswordValid(java.lang.String encPass,
java.lang.String rawPass,
java.lang.Object salt)
Takes a previously encoded password and compares it with a rawpassword after mixing in the salt and encoding that value |
void |
setIterations(int iterations)
Sets the number of iterations for which the calculated hash value should be "stretched". |
Methods inherited from class org.springframework.security.authentication.encoding.BaseDigestPasswordEncoder |
---|
getEncodeHashAsBase64, setEncodeHashAsBase64 |
Methods inherited from class org.springframework.security.authentication.encoding.BasePasswordEncoder |
---|
demergePasswordAndSalt, mergePasswordAndSalt |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public MessageDigestPasswordEncoder(java.lang.String algorithm)
algorithm
- public MessageDigestPasswordEncoder(java.lang.String algorithm, boolean encodeHashAsBase64) throws java.lang.IllegalArgumentException
algorithm
- encodeHashAsBase64
-
java.lang.IllegalArgumentException
- if an unknownMethod Detail |
---|
public java.lang.String encodePassword(java.lang.String rawPass, java.lang.Object salt)
rawPass
- The plain text passwordsalt
- The salt to sprinkle
protected final java.security.MessageDigest getMessageDigest() throws java.lang.IllegalArgumentException
java.lang.IllegalArgumentException
- if NoSuchAlgorithmException is thrownpublic boolean isPasswordValid(java.lang.String encPass, java.lang.String rawPass, java.lang.Object salt)
encPass
- previously encoded passwordrawPass
- plain text passwordsalt
- salt to mix into password
public java.lang.String getAlgorithm()
public void setIterations(int iterations)
iterations
- the number of iterations which will be executed on the hashed password/salt
value. Defaults to 1.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |