Class MessageDigestPasswordEncoder

  • All Implemented Interfaces:
    net.sf.acegisecurity.providers.encoding.PasswordEncoder
    Direct Known Subclasses:
    ShaPasswordEncoderImpl

    public class MessageDigestPasswordEncoder
    extends net.sf.acegisecurity.providers.encoding.BaseDigestPasswordEncoder
    Base for digest password encoders.

    This class can be used stand-alone, or one of the subclasses can be used for compatiblity and convenience. When using this class directly you must specify a Message Digest Algorithm to use as a constructor arg

    The encoded password hash is normally returned as Hex (32 char) version of the hash bytes. Setting the encodeHashAsBase64 property to true will cause the encoded pass to be returned as Base64 text, which will consume 24 characters. See BaseDigestPasswordEncoder.setEncodeHashAsBase64(boolean)

    This PasswordEncoder can be used directly as in the following example:

     <bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.MessageDigestPasswordEncoder">
         <constructor-arg value="MD5"/>
     </bean>
     

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.lang.String encodePassword​(java.lang.String rawPass, java.lang.Object salt)
      Encodes the rawPass using a MessageDigest.
      java.lang.String getAlgorithm()  
      protected java.security.MessageDigest getMessageDigest()
      Get a MessageDigest instance for the given algorithm.
      boolean isPasswordValid​(java.lang.String encPass, java.lang.String rawPass, java.lang.Object salt)
      Takes a previously encoded password and compares it with a rawpassword after mixing in the salt and encoding that value
      • Methods inherited from class net.sf.acegisecurity.providers.encoding.BaseDigestPasswordEncoder

        getEncodeHashAsBase64, setEncodeHashAsBase64
      • Methods inherited from class net.sf.acegisecurity.providers.encoding.BasePasswordEncoder

        demergePasswordAndSalt, mergePasswordAndSalt
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • MessageDigestPasswordEncoder

        public MessageDigestPasswordEncoder​(java.lang.String algorithm)
        The digest algorithm to use Supports the named Message Digest Algorithms in the Java environment.
        Parameters:
        algorithm - String
      • MessageDigestPasswordEncoder

        public MessageDigestPasswordEncoder​(java.lang.String algorithm,
                                            boolean encodeHashAsBase64)
                                     throws java.lang.IllegalArgumentException
        Convenience constructor for specifying the algorithm and whether or not to enable base64 encoding
        Parameters:
        algorithm - String
        encodeHashAsBase64 - boolean
        Throws:
        java.lang.IllegalArgumentException - if an unknown
    • Method Detail

      • encodePassword

        public java.lang.String encodePassword​(java.lang.String rawPass,
                                               java.lang.Object salt)
        Encodes the rawPass using a MessageDigest. If a salt is specified it will be merged with the password before encoding.
        Parameters:
        rawPass - The plain text password
        salt - The salt to sprinkle
        Returns:
        Hex string of password digest (or base64 encoded string if encodeHashAsBase64 is enabled.
      • getMessageDigest

        protected final java.security.MessageDigest getMessageDigest()
                                                              throws java.lang.IllegalArgumentException
        Get a MessageDigest instance for the given algorithm. Throws an IllegalArgumentException if algorithm is unknown
        Returns:
        MessageDigest instance
        Throws:
        java.lang.IllegalArgumentException - if NoSuchAlgorithmException is thrown
      • isPasswordValid

        public boolean isPasswordValid​(java.lang.String encPass,
                                       java.lang.String rawPass,
                                       java.lang.Object salt)
        Takes a previously encoded password and compares it with a rawpassword after mixing in the salt and encoding that value
        Parameters:
        encPass - previously encoded password
        rawPass - plain text password
        salt - salt to mix into password
        Returns:
        true or false
      • getAlgorithm

        public java.lang.String getAlgorithm()