Class AbstractPasswordEncoder

  • All Implemented Interfaces:
    PasswordEncoder

    public abstract class AbstractPasswordEncoder
    extends java.lang.Object
    implements PasswordEncoder
    Abstract base class for password encoders
    • Method Summary

      Modifier and Type Method Description
      java.lang.String encode(java.lang.CharSequence rawPassword)
      Encode the raw password.
      protected abstract byte[] encode(java.lang.CharSequence rawPassword, byte[] salt)
      protected byte[] encodeAndConcatenate(java.lang.CharSequence rawPassword, byte[] salt)
      protected static boolean matches(byte[] expected, byte[] actual)
      Constant-time comparison to protect against timing attacks.
      boolean matches(java.lang.CharSequence rawPassword, java.lang.String encodedPassword)
      Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • AbstractPasswordEncoder

        protected AbstractPasswordEncoder()
    • Method Detail

      • encode

        public java.lang.String encode(java.lang.CharSequence rawPassword)
        Description copied from interface: PasswordEncoder
        Encode the raw password. Generally, a good encoding algorithm applies a SHA-1 or greater hash combined with an 8-byte or greater randomly generated salt.
        Specified by:
        encode in interface PasswordEncoder
      • matches

        public boolean matches(java.lang.CharSequence rawPassword,
                               java.lang.String encodedPassword)
        Description copied from interface: PasswordEncoder
        Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded. Returns true if the passwords match, false if they do not. The stored password itself is never decoded.
        Specified by:
        matches in interface PasswordEncoder
        Parameters:
        rawPassword - the raw password to encode and match
        encodedPassword - the encoded password from storage to compare with
        Returns:
        true if the raw password, after encoding, matches the encoded password from storage
      • encode

        protected abstract byte[] encode(java.lang.CharSequence rawPassword,
                                         byte[] salt)
      • encodeAndConcatenate

        protected byte[] encodeAndConcatenate(java.lang.CharSequence rawPassword,
                                              byte[] salt)
      • matches

        protected static boolean matches(byte[] expected,
                                         byte[] actual)
        Constant-time comparison to protect against timing attacks.