atg.security

Class SaltedDigestPasswordHasher

java.lang.Object

atg.security.PasswordHasher2Adapter

atg.security.SaltedDigestPasswordHasher

All Implemented Interfaces:

PasswordHasher, PasswordHasher2, java.io.Serializable

public class SaltedDigestPasswordHasher
extends PasswordHasher2Adapter

A password hasher that utilizes the java.security.MessageDigest mechanism for hashing passwords. The login name is used as a salt.

After digestifying the password it is then encoded using the binary-to-text encoding scheme specified by the encoding property ("base16" by default).

This hasher does not support one-time hashing (e.g. login passwords are encoded the same way every time).

See Also:

java.security.MessageDigest;, Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	CLASS_VERSION

Constructor Summary

Constructors

Constructor and Description
SaltedDigestPasswordHasher() Creates a SaltedDigestPasswordHasher with a random hash key.
SaltedDigestPasswordHasher(java.lang.Long pHashKey) Creates a SaltedDigestPasswordHasher using a pre-existing hash key.

Method Summary

Methods

Modifier and Type	Method and Description
boolean	checkPassword(java.lang.String pLogin, java.lang.String pLoginPassword, java.lang.String pEncryptedPassword, java.lang.Object pHashKey) Returns true if the login password matches the encrypted password.
java.lang.String	encryptPassword(java.lang.String pLogin, java.lang.String pPassword) Encrypts a password suitably for long-term storage.
java.lang.String	generateSalt() generate a salt
java.lang.String	getAlgorithm() Returns the name of the digestifying algorithm used by this password hasher.
java.lang.String	getEncoding() Returns the name of the encoding scheme used to convert the encrypted password into a string.
int	getHashIterations() get HashIterations
PasswordHasher	getLoginPasswordHasher() Returns a password hasher instance useful for performing a login.
java.lang.Object	getPasswordHashKey() Returns the hash key (if any) that was used for hashing the password for login.
int	getSaltSize() get SaltSize
java.lang.String	hashPasswordForLogin(java.lang.String pLogin, java.lang.String pPassword) Performs the appropriate hashing function for a login process.
void	setAlgorithm(java.lang.String pAlgorithm) Changes the name of the digestifying algorithm used by this password hasher.
void	setEncoding(java.lang.String pMethod) Changes the encoding scheme used to convert the encrypted password into a string.
void	setHashIterations(int pHashIterations) set HashIterations
void	setSaltSize(int pSaltSize) set SaltSize

Methods inherited from class atg.security.PasswordHasher2Adapter

checkPassword, encryptPassword, getPwdHasherComponentPath, hashPasswordForLogin, setPwdHasherComponentPath

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CLASS_VERSION

public static java.lang.String CLASS_VERSION

Constructor Detail

SaltedDigestPasswordHasher

public SaltedDigestPasswordHasher()

Creates a SaltedDigestPasswordHasher with a random hash key.

SaltedDigestPasswordHasher

public SaltedDigestPasswordHasher(java.lang.Long pHashKey)

Creates a SaltedDigestPasswordHasher using a pre-existing hash key.

Method Detail

getAlgorithm

public java.lang.String getAlgorithm()

Returns the name of the digestifying algorithm used by this password hasher.

setAlgorithm

public void setAlgorithm(java.lang.String pAlgorithm)

Changes the name of the digestifying algorithm used by this password hasher.

getEncoding

public java.lang.String getEncoding()

Returns the name of the encoding scheme used to convert the encrypted password into a string.

See Also:

BinaryToTextEncoders

setEncoding

public void setEncoding(java.lang.String pMethod)

Changes the encoding scheme used to convert the encrypted password into a string.

See Also:

BinaryToTextEncoders

setHashIterations

public void setHashIterations(int pHashIterations)

set HashIterations

Parameters:

pHashIterations - the HashIterations

getHashIterations

public int getHashIterations()

get HashIterations

Returns:

the HashIterations

setSaltSize

public void setSaltSize(int pSaltSize)

set SaltSize

Parameters:

pSaltSize - the SaltSize

getSaltSize

public int getSaltSize()

get SaltSize

Returns:

the SaltSize

getPasswordHashKey

public java.lang.Object getPasswordHashKey()

Returns the hash key (if any) that was used for hashing the password for login. This must be passed to checkPassword() to verify the validity of the hash.

getLoginPasswordHasher

public PasswordHasher getLoginPasswordHasher()

Returns a password hasher instance useful for performing a login. This instance may have a unique password hash key so that each login attempt is hashed differently.

encryptPassword

public java.lang.String encryptPassword(java.lang.String pLogin,
                               java.lang.String pPassword)

Encrypts a password suitably for long-term storage.

checkPassword

public boolean checkPassword(java.lang.String pLogin,
                    java.lang.String pLoginPassword,
                    java.lang.String pEncryptedPassword,
                    java.lang.Object pHashKey)

Returns true if the login password matches the encrypted password.

hashPasswordForLogin

public java.lang.String hashPasswordForLogin(java.lang.String pLogin,
                                    java.lang.String pPassword)

Performs the appropriate hashing function for a login process. This value will later be passed to checkPassword().

generateSalt

public java.lang.String generateSalt()

generate a salt

Specified by:

generateSalt in class PasswordHasher2Adapter

Returns:

a new secure random salt encoded as a string