Package org.springframework.security.crypto.password

Class LdapShaPasswordEncoder

  • All Implemented Interfaces:
    PasswordEncoder
    @Deprecated
public class LdapShaPasswordEncoder
extends java.lang.Object
implements PasswordEncoder
    Deprecated.
    Digest based password encoding is not considered secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.
    This PasswordEncoder is provided for legacy purposes only and is not considered secure. A version of PasswordEncoder which supports Ldap SHA and SSHA (salted-SHA) encodings. The values are base-64 encoded and have the label "{SHA}" (or "{SSHA}") prepended to the encoded hash. These can be made lower-case in the encoded password, if required, by setting the forceLowerCasePrefix property to true. Also supports plain text passwords, so can safely be used in cases when both encoded and non-encoded passwords are in use or when a null implementation is required.

    • Method Summary

      All Methods Instance Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method Description
      java.lang.String encode​(java.lang.CharSequence rawPass)
      Deprecated.
      Calculates the hash of password (and salt bytes, if supplied) and returns a base64 encoded concatenation of the hash and salt, prefixed with {SHA} (or {SSHA} if salt was used).
      boolean matches​(java.lang.CharSequence rawPassword, java.lang.String encodedPassword)
      Deprecated.
      Checks the validity of an unencoded password against an encoded one in the form "{SSHA}sQuQF8vj8Eg2Y1hPdh3bkQhCKQBgjhQI".
      void setForceLowerCasePrefix​(boolean forceLowerCasePrefix)
      Deprecated.
       

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • LdapShaPasswordEncoder

        public LdapShaPasswordEncoder()
        Deprecated.

      • LdapShaPasswordEncoder

        public LdapShaPasswordEncoder​(BytesKeyGenerator saltGenerator)
        Deprecated.

    • Method Detail

      • encode

        public java.lang.String encode​(java.lang.CharSequence rawPass)
        Deprecated.
        Calculates the hash of password (and salt bytes, if supplied) and returns a base64 encoded concatenation of the hash and salt, prefixed with {SHA} (or {SSHA} if salt was used).
        Specified by:
        encode in interface PasswordEncoder
        Parameters:
        rawPass - the password to be encoded.
        Returns:
        the encoded password in the specified format

      • matches

        public boolean matches​(java.lang.CharSequence rawPassword,
                       java.lang.String encodedPassword)
        Deprecated.
        Checks the validity of an unencoded password against an encoded one in the form "{SSHA}sQuQF8vj8Eg2Y1hPdh3bkQhCKQBgjhQI".
        Specified by:
        matches in interface PasswordEncoder
        Parameters:
        rawPassword - unencoded password to be verified.
        encodedPassword - the actual SSHA or SHA encoded password
        Returns:
        true if they match (independent of the case of the prefix).

      • setForceLowerCasePrefix

        public void setForceLowerCasePrefix​(boolean forceLowerCasePrefix)
        Deprecated.