org.springframework.security.crypto.bcrypt
Class BCryptPasswordEncoder

java.lang.Object
  extended by org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
All Implemented Interfaces:
PasswordEncoder

public class BCryptPasswordEncoder
extends Object
implements PasswordEncoder

Implementation of PasswordEncoder that uses the BCrypt strong hashing function. Clients can optionally supply a "strength" (a.k.a. log rounds in BCrypt) and a SecureRandom instance. The larger the strength parameter, the more work has to be done to hash the passwords, and that work grows exponentially with the value. The default value is 10.


Constructor Summary
BCryptPasswordEncoder()
BCryptPasswordEncoder(int strength)
BCryptPasswordEncoder(int strength, SecureRandom random)

Method Summary
 String encode(CharSequence rawPassword)
          Encode the raw password.
 boolean matches(CharSequence rawPassword, String encodedPassword)
          Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

BCryptPasswordEncoder

public BCryptPasswordEncoder()

BCryptPasswordEncoder

public BCryptPasswordEncoder(int strength)
Parameters:
strength - the log rounds to use

BCryptPasswordEncoder

public BCryptPasswordEncoder(int strength,
                             SecureRandom random)
Parameters:
strength - the log rounds to use
random - the secure random instance to use

Method Detail

encode

public String encode(CharSequence rawPassword)
Description copied from interface: PasswordEncoder
Encode the raw password. Generally, a good encoding algorithm applies a SHA-1 or greater hash combined with an 8-byte or greater randomly generated salt.

Specified by:
encode in interface PasswordEncoder

matches

public boolean matches(CharSequence rawPassword,
                       String encodedPassword)
Description copied from interface: PasswordEncoder
Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded. Returns true if the passwords match, false if they do not. The stored password itself is never decoded.

Specified by:
matches in interface PasswordEncoder
Parameters:
rawPassword - the raw password to encode and match
encodedPassword - the encoded password from storage to compare with
Returns:
true if the raw password, after encoding, matches the encoded password from storage
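
Example (added here, not part of the Spring Security documentation): how the strength parameter, the per-hash random salt and matches interact, including re-encoding a hash stored at the default strength once the user has logged in. It assumes spring-security-crypto is on the classpath; the class name, TARGET_STRENGTH, strengthOf and needsUpgrade are hypothetical names for this illustration, and the sample password is constructed.

```java
import java.security.SecureRandom;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

// Added example; names other than BCryptPasswordEncoder and its methods are hypothetical.
public class BCryptStrengthDemo {

    // Policy value assumed for this example.
    static final int TARGET_STRENGTH = 12;

    // BCrypt string layout: $2<minor>$<two-digit log rounds>$<22-char salt + 31-char hash>
    private static final Pattern BCRYPT = Pattern.compile("^\\$2[a-z]?\\$(\\d{2})\\$.{53}$");

    /** Log rounds embedded in a stored hash, or -1 if the string is not BCrypt. */
    static int strengthOf(String encodedPassword) {
        Matcher m = BCRYPT.matcher(encodedPassword);
        return m.matches() ? Integer.parseInt(m.group(1)) : -1;
    }

    /** True when a stored hash is weaker than the current policy (or not BCrypt at all). */
    static boolean needsUpgrade(String encodedPassword) {
        return strengthOf(encodedPassword) < TARGET_STRENGTH;
    }

    public static void main(String[] args) {
        BCryptPasswordEncoder legacy = new BCryptPasswordEncoder(); // default strength 10
        BCryptPasswordEncoder current =
                new BCryptPasswordEncoder(TARGET_STRENGTH, new SecureRandom());

        String raw = "correct horse battery staple"; // constructed sample password
        String stored = legacy.encode(raw);
        String again = legacy.encode(raw);

        // Each encode() draws a fresh salt, so equal passwords give different strings;
        // never compare hashes with equals(), always go through matches().
        System.out.println("hashes differ: " + !stored.equals(again));
        System.out.println("both verify:   " + (legacy.matches(raw, stored) && legacy.matches(raw, again)));

        // matches() reads salt and log rounds from the stored string, so the
        // strength-12 encoder can still verify a strength-10 hash. The raw password
        // is only available at login, which is the moment to re-encode.
        if (current.matches(raw, stored) && needsUpgrade(stored)) {
            stored = current.encode(raw);
        }
        System.out.println("strength after login:    " + strengthOf(stored));
        System.out.println("wrong password rejected: " + !current.matches("wrong guess", stored));
    }
}
```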