atg.security
Class iPlanetSSHAPasswordHasher

java.lang.Object
  atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
      atg.nucleus.GenericService
          atg.security.iPlanetSSHAPasswordHasher

All Implemented Interfaces:

NameContextBindingListener, NameContextElement, NameResolver, AdminableService, ApplicationLogging, atg.nucleus.logging.ApplicationLoggingSender, atg.nucleus.logging.TraceApplicationLogging, atg.nucleus.logging.VariableArgumentApplicationLogging, ComponentNameResolver, Service, ServiceListener, PasswordHasher, PasswordHasher2, java.io.Serializable, java.util.EventListener

Direct Known Subclasses:

iPlanetSSHAAccountPasswordHasher

public class iPlanetSSHAPasswordHasher
extends GenericService
implements PasswordHasher2

A password hasher which implements the SSHA (salted SHA) algorithm as implemented by the iPlanet Directory Server.

See Also:

Serialized Form

Field Summary

static java.lang.String

CLASS_VERSION Class version string

Fields inherited from class atg.nucleus.GenericService

SERVICE_INFO_KEY

Fields inherited from interface atg.nucleus.logging.TraceApplicationLogging

DEFAULT_LOG_TRACE_STATUS

Fields inherited from interface atg.nucleus.logging.ApplicationLogging

DEFAULT_LOG_DEBUG_STATUS, DEFAULT_LOG_ERROR_STATUS, DEFAULT_LOG_INFO_STATUS, DEFAULT_LOG_WARNING_STATUS

Constructor Summary

iPlanetSSHAPasswordHasher()

Method Summary

boolean	checkPassword(java.lang.String pLoginPassword, java.lang.String pEncryptedPassword, java.lang.Object pHashKey) Returns true if the login password matches the encrypted password.
boolean	checkPassword(java.lang.String pLogin, java.lang.String pLoginPassword, java.lang.String pEncryptedPassword, java.lang.Object pHashKey) Returns true if the login password matches the encrypted password.
java.lang.String	encryptPassword(java.lang.String pPassword) Encrypts a password suitably for long-term storage.
java.lang.String	encryptPassword(java.lang.String pLogin, java.lang.String pPassword) Encrypts a password suitably for long-term storage.
protected static byte[]	extractSalt(java.lang.String pEncryptedPassword) Given a password encrypted with encryptPassword, extracts the salt which was used to encrypt it.
protected java.lang.String	getEncryptedPassword(java.lang.String pLogin) Returns the encrypted password associated with the given login name.
PasswordHasher	getLoginPasswordHasher() Returns a password hasher instance useful for performing a login.
java.lang.Object	getPasswordHashKey() Returns the hash key (if any) that was used for hashing the password for login.
protected byte[]	getSalt(java.lang.String pLogin) Given a login name, extracts the salt which should be used to encrypt the associated password.
java.lang.String	hashPasswordForLogin(java.lang.String pPassword) Performs the appropriate hashing function for a login process.
java.lang.String	hashPasswordForLogin(java.lang.String pLogin, java.lang.String pPassword) Performs the appropriate hashing function for a login process.
static void	main(java.lang.String[] pArgs) Main test routine.

Methods inherited from class atg.nucleus.GenericService

addLogListener, createAdminServlet, doStartService, doStopService, getAbsoluteName, getAdminServlet, getLoggingForVlogging, getLogListenerCount, getLogListeners, getName, getNameContext, getNucleus, getRoot, getServiceConfiguration, getServiceInfo, isLoggingDebug, isLoggingError, isLoggingInfo, isLoggingTrace, isLoggingWarning, isRunning, logDebug, logDebug, logDebug, logError, logError, logError, logInfo, logInfo, logInfo, logTrace, logTrace, logTrace, logWarning, logWarning, logWarning, nameContextElementBound, nameContextElementUnbound, removeLogListener, resolveName, resolveName, resolveName, resolveName, sendLogEvent, setLoggingDebug, setLoggingError, setLoggingInfo, setLoggingTrace, setLoggingWarning, setNucleus, setServiceInfo, startService, stopService

Methods inherited from class atg.nucleus.logging.VariableArgumentApplicationLoggingImpl

vlogDebug, vlogDebug, vlogDebug, vlogDebug, vlogError, vlogError, vlogError, vlogError, vlogInfo, vlogInfo, vlogInfo, vlogInfo, vlogTrace, vlogTrace, vlogTrace, vlogTrace, vlogWarning, vlogWarning, vlogWarning, vlogWarning

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CLASS_VERSION

public static java.lang.String CLASS_VERSION

Class version string

Constructor Detail

iPlanetSSHAPasswordHasher

public iPlanetSSHAPasswordHasher()

Method Detail

getEncryptedPassword

protected java.lang.String getEncryptedPassword(java.lang.String pLogin)

Returns the encrypted password associated with the given login name. The default implementation returns null. Subclasses can override this method to extract the user's information from the associated storage, and return the encrypted password.

getSalt

protected byte[] getSalt(java.lang.String pLogin)

Given a login name, extracts the salt which should be used to encrypt the associated password. If the associated user account already has an encrypted password stored in it, the salt is extracted from the password. Otherwise, returns null.

extractSalt

protected static byte[] extractSalt(java.lang.String pEncryptedPassword)

Given a password encrypted with encryptPassword, extracts the salt which was used to encrypt it.

encryptPassword

public java.lang.String encryptPassword(java.lang.String pPassword)

Encrypts a password suitably for long-term storage.

Specified by:

encryptPassword in interface PasswordHasher

encryptPassword

public java.lang.String encryptPassword(java.lang.String pLogin,
                                        java.lang.String pPassword)

Encrypts a password suitably for long-term storage.

Specified by:

encryptPassword in interface PasswordHasher2

Parameters:

pLogin - The login that the password is associated with.

pPassword - The plain-text password to encrypt.

checkPassword

public boolean checkPassword(java.lang.String pLoginPassword,
                             java.lang.String pEncryptedPassword,
                             java.lang.Object pHashKey)

Returns true if the login password matches the encrypted password.

Specified by:

checkPassword in interface PasswordHasher

checkPassword

public boolean checkPassword(java.lang.String pLogin,
                             java.lang.String pLoginPassword,
                             java.lang.String pEncryptedPassword,
                             java.lang.Object pHashKey)

Returns true if the login password matches the encrypted password.

Specified by:

checkPassword in interface PasswordHasher2

Parameters:

pLogin - The login that the password is associated with.

pLoginPassword - The password that has previously been hashed by hashPasswordForLogin().

pEncryptedPassword - The password as it was returned by encryptPassword().

pHashKey - A hash key that was used to hash the password for login, and which may be needed to compare the encrypted password to the hashed password. This is typically some sort of hash initializer that is unique to the PasswordHasher instance.

hashPasswordForLogin

public java.lang.String hashPasswordForLogin(java.lang.String pPassword)

Performs the appropriate hashing function for a login process. This value will later be passed to checkPassword().

Specified by:

hashPasswordForLogin in interface PasswordHasher

hashPasswordForLogin

public java.lang.String hashPasswordForLogin(java.lang.String pLogin,
                                             java.lang.String pPassword)

Performs the appropriate hashing function for a login process. This value will later be passed to checkPassword().

Specified by:

hashPasswordForLogin in interface PasswordHasher2

Parameters:

pLogin - The login that the password is associated with.

pPassword - The plain-text password that is to be hashed prior to supply to checkPassword.

getPasswordHashKey

public java.lang.Object getPasswordHashKey()

Returns the hash key (if any) that was used for hashing the password for login. This must be passed to checkPassword() to verify the validity of the hash.

Specified by:

getPasswordHashKey in interface PasswordHasher

Specified by:

getPasswordHashKey in interface PasswordHasher2

getLoginPasswordHasher

public PasswordHasher getLoginPasswordHasher()

Returns a password hasher instance useful for performing a login. This instance may have a unique password hash key so that each login attempt is hashed differently.

Specified by:

getLoginPasswordHasher in interface PasswordHasher

Specified by:

getLoginPasswordHasher in interface PasswordHasher2

main

public static final void main(java.lang.String[] pArgs)

Main test routine.