atg.security
Class SaltedDigestPasswordHasher

java.lang.Object
  extended by atg.security.PasswordHasher2Adapter
      extended by atg.security.SaltedDigestPasswordHasher
All Implemented Interfaces:
PasswordHasher, PasswordHasher2, java.io.Serializable

public class SaltedDigestPasswordHasher
extends PasswordHasher2Adapter

A password hasher that utilizes the java.security.MessageDigest mechanism for hashing passwords. The login name is used as a salt.

After the password is digested, the result is encoded using the binary-to-text encoding scheme specified by the encoding property ("base16" by default).

This hasher does not support one-time hashing (i.e., login passwords are encoded the same way every time).

See Also:
java.security.MessageDigest, Serialized Form
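
The scheme described above, as an added Java sketch that is not ATG's code: the login name is digested as the salt together with the password, and the result is base16-encoded. The class and method names, the login-then-password byte order, UTF-8 and SHA-256 are assumptions, since this page does not specify them.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

// Added illustration, NOT the ATG implementation. How ATG combines login and
// password is not stated on the page; digest(login || password) is an assumption.
public class SaltedDigestSketch {

    // Hypothetical helper: digest the login (salt) then the password, base16-encode.
    static String hash(String algorithm, String login, String password)
            throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance(algorithm);
        md.update(login.getBytes(StandardCharsets.UTF_8));      // salt = login name
        md.update(password.getBytes(StandardCharsets.UTF_8));
        StringBuilder hex = new StringBuilder();
        for (byte b : md.digest()) {
            hex.append(String.format("%02x", b));               // base16, two digits per byte
        }
        return hex.toString();
    }

    // Hypothetical check: recompute from the candidate and compare in constant time.
    static boolean check(String algorithm, String login, String candidate, String stored)
            throws NoSuchAlgorithmException {
        byte[] a = hash(algorithm, login, candidate).getBytes(StandardCharsets.US_ASCII);
        byte[] b = stored.getBytes(StandardCharsets.US_ASCII);
        return MessageDigest.isEqual(a, b);
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        String alg = "SHA-256";  // constructed choice; the page names no default algorithm
        String stored = hash(alg, "alice", "correct horse");    // constructed credentials

        // No one-time hashing: the same login and password always encode identically.
        System.out.println("repeatable:        "
                + stored.equals(hash(alg, "alice", "correct horse")));
        // The login salt separates two users who share a password.
        System.out.println("same as bob's:     "
                + stored.equals(hash(alg, "bob", "correct horse")));
        System.out.println("right password:    " + check(alg, "alice", "correct horse", stored));
        System.out.println("wrong password:    " + check(alg, "alice", "wrong", stored));
        // The salt is the login itself, so a stored value is tied to that login name
        // and must be recomputed if the login is renamed.
        System.out.println("after login rename: " + check(alg, "alice2", "correct horse", stored));
    }
}
```
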

Field Summary
static java.lang.String CLASS_VERSION
           
 
Constructor Summary
SaltedDigestPasswordHasher()
          Creates a SaltedDigestPasswordHasher with a random hash key.
SaltedDigestPasswordHasher(java.lang.Long pHashKey)
          Creates a SaltedDigestPasswordHasher using a pre-existing hash key.
 
Method Summary
 boolean checkPassword(java.lang.String pLogin, java.lang.String pLoginPassword, java.lang.String pEncryptedPassword, java.lang.Object pHashKey)
          Returns true if the login password matches the encrypted password.
 java.lang.String encryptPassword(java.lang.String pLogin, java.lang.String pPassword)
          Encrypts a password suitably for long-term storage.
 java.lang.String getAlgorithm()
          Returns the name of the digest algorithm used by this password hasher.
 java.lang.String getEncoding()
          Returns the name of the encoding scheme used to convert the encrypted password into a string.
 PasswordHasher getLoginPasswordHasher()
          Returns a password hasher instance useful for performing a login.
 java.lang.Object getPasswordHashKey()
          Returns the hash key (if any) that was used for hashing the password for login.
 java.lang.String hashPasswordForLogin(java.lang.String pLogin, java.lang.String pPassword)
          Performs the appropriate hashing function for a login process.
 void setAlgorithm(java.lang.String pAlgorithm)
          Changes the name of the digest algorithm used by this password hasher.
 void setEncoding(java.lang.String pMethod)
          Changes the encoding scheme used to convert the encrypted password into a string.
 
Methods inherited from class atg.security.PasswordHasher2Adapter
checkPassword, encryptPassword, hashPasswordForLogin
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

CLASS_VERSION

public static java.lang.String CLASS_VERSION

Constructor Detail

SaltedDigestPasswordHasher

public SaltedDigestPasswordHasher()
Creates a SaltedDigestPasswordHasher with a random hash key.


SaltedDigestPasswordHasher

public SaltedDigestPasswordHasher(java.lang.Long pHashKey)
Creates a SaltedDigestPasswordHasher using a pre-existing hash key.

Method Detail

getAlgorithm

public java.lang.String getAlgorithm()
Returns the name of the digest algorithm used by this password hasher.


setAlgorithm

public void setAlgorithm(java.lang.String pAlgorithm)
Changes the name of the digest algorithm used by this password hasher.


getEncoding

public java.lang.String getEncoding()
Returns the name of the encoding scheme used to convert the encrypted password into a string.

See Also:
BinaryToTextEncoders

setEncoding

public void setEncoding(java.lang.String pMethod)
Changes the encoding scheme used to convert the encrypted password into a string.

See Also:
BinaryToTextEncoders

getPasswordHashKey

public java.lang.Object getPasswordHashKey()
Returns the hash key (if any) that was used for hashing the password for login. This must be passed to checkPassword() to verify the validity of the hash.


getLoginPasswordHasher

public PasswordHasher getLoginPasswordHasher()
Returns a password hasher instance useful for performing a login. This instance may have a unique password hash key so that each login attempt is hashed differently.


encryptPassword

public java.lang.String encryptPassword(java.lang.String pLogin,
                                        java.lang.String pPassword)
Encrypts a password suitably for long-term storage.


checkPassword

public boolean checkPassword(java.lang.String pLogin,
                             java.lang.String pLoginPassword,
                             java.lang.String pEncryptedPassword,
                             java.lang.Object pHashKey)
Returns true if the login password matches the encrypted password.


hashPasswordForLogin

public java.lang.String hashPasswordForLogin(java.lang.String pLogin,
                                             java.lang.String pPassword)
Performs the appropriate hashing function for a login process. This value will later be passed to checkPassword().