DelegatingPasswordEncoder which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.

@Deprecated public final class StandardPasswordEncoder extends java.lang.Object implements PasswordEncoder

This PasswordEncoder is provided for legacy purposes only and is not considered secure.

A standard PasswordEncoder implementation that uses SHA-256 hashing with 1024 iterations and a random 8-byte salt value. It uses an additional system-wide secret value to provide additional protection.

The digest algorithm is invoked on the concatenated bytes of the salt, secret and password.

If you are developing a new system, BCryptPasswordEncoder is a better choice both in terms of security and interoperability with other languages.
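
A migration sketch for existing StandardPasswordEncoder hashes, added here as an example and not taken from the Spring Security documentation or source: a DelegatingPasswordEncoder writes new hashes with bcrypt, verifies stored hashes that carry no `{id}` prefix with the legacy encoder, and re-hashes on the next successful login using `upgradeEncoding`. The class and method names, the secret and the password are constructed placeholders; it assumes spring-security-crypto 5.1 or later on the classpath.

```java
import java.util.HashMap;
import java.util.Map;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.crypto.password.StandardPasswordEncoder;

// Hypothetical helper class for this example only.
public class LegacyHashMigration {

    /** New hashes are bcrypt; stored hashes without an {id} prefix fall back to the legacy encoder. */
    @SuppressWarnings("deprecation") // StandardPasswordEncoder is kept only to verify existing hashes
    static PasswordEncoder migrationEncoder(CharSequence legacySecret) {
        Map<String, PasswordEncoder> encoders = new HashMap<>();
        encoders.put("bcrypt", new BCryptPasswordEncoder());
        DelegatingPasswordEncoder delegating = new DelegatingPasswordEncoder("bcrypt", encoders);
        delegating.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder(legacySecret));
        return delegating;
    }

    /** Returns the hash to keep in storage after a login attempt, or null if the password is wrong. */
    static String verifyAndUpgrade(PasswordEncoder encoder, CharSequence rawPassword, String storedHash) {
        if (!encoder.matches(rawPassword, storedHash)) {
            return null;
        }
        // A successful login is the only moment the raw password is available for re-hashing.
        return encoder.upgradeEncoding(storedHash) ? encoder.encode(rawPassword) : storedHash;
    }

    @SuppressWarnings("deprecation")
    public static void main(String[] args) {
        String secret = "constructed-system-secret";     // constructed placeholder
        String password = "constructed-sample-password"; // constructed placeholder
        // Simulates a row written by the old system: hex of salt + digest, no {id} prefix.
        String legacyHash = new StandardPasswordEncoder(secret).encode(password);

        PasswordEncoder encoder = migrationEncoder(secret);
        String upgraded = verifyAndUpgrade(encoder, password, legacyHash);
        System.out.println("legacy:   " + legacyHash);
        System.out.println("upgraded: " + upgraded);
        System.out.println("wrong password rejected: "
                + (verifyAndUpgrade(encoder, "wrong", legacyHash) == null));
        System.out.println("second login re-hashes:  "
                + !upgraded.equals(verifyAndUpgrade(encoder, password, upgraded)));
    }
}
```

The legacy secret must stay configured until every stored hash has been replaced, because the fallback encoder cannot verify old hashes without it.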

Constructor and Description |
---|
StandardPasswordEncoder() Deprecated. Constructs a standard password encoder with no additional secret value. |
StandardPasswordEncoder(java.lang.CharSequence secret) Deprecated. Constructs a standard password encoder with a secret value which is also included in the password hash. |

Modifier and Type | Method and Description |
---|---|
java.lang.String | encode(java.lang.CharSequence rawPassword) Deprecated. Encode the raw password. |
boolean | matches(java.lang.CharSequence rawPassword, java.lang.String encodedPassword) Deprecated. Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded. |

Methods inherited from class java.lang.Object: clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface PasswordEncoder: upgradeEncoding

public StandardPasswordEncoder()

public StandardPasswordEncoder(java.lang.CharSequence secret)

Parameters:
- secret - the secret key used in the encoding process (should not be shared)

public java.lang.String encode(java.lang.CharSequence rawPassword)

Specified by: encode in interface PasswordEncoder

public boolean matches(java.lang.CharSequence rawPassword, java.lang.String encodedPassword)

Specified by: matches in interface PasswordEncoder

Parameters:
- rawPassword - the raw password to encode and match
- encodedPassword - the encoded password from storage to compare with