Package org.apache.archiva.redback.policy.encoders

Class AbstractJAASPasswordEncoder

    • Method Detail

      • setSystemSalt

        public void setSystemSalt​(Object salt)
        Description copied from interface: PasswordEncoder

        Sets the system wide salt to use in the encoder.

        The specified salt will potentially be used by the implementation to "salt" the initial value before encoding. A salt is usually a user-specific value which is added to the password before the digest is computed. This means that computation of digests for common dictionary words will be different than those in the backend store, because the dictionary word digests will not reflect the addition of the salt. If a per-user salt is used (rather than a system-wide salt), it also means users with the same password will have different digest encoded passwords in the backend store.

        Specified by:
        setSystemSalt in interface PasswordEncoder
        Parameters:
        salt - the salt to use as a default for the encoder.

      • encodePassword

        public String encodePassword​(String rawPass,
                             Object salt)
        Description copied from interface: PasswordEncoder

        Encodes the specified raw password with an implementation specific algorithm, using user specific salt.

        This will generally be a one-way message digest such as MD5 or SHA, but may also be a plaintext variant which does no encoding at all, but rather returns the same password it was fed. The latter is useful to plug in when the original password must be stored as-is.

        The specified salt will potentially be used by the implementation to "salt" the initial value before encoding. A salt is usually a user-specific value which is added to the password before the digest is computed. This means that computation of digests for common dictionary words will be different than those in the backend store, because the dictionary word digests will not reflect the addition of the salt. If a per-user salt is used (rather than a system-wide salt), it also means users with the same password will have different digest encoded passwords in the backend store.

        Specified by:
        encodePassword in interface PasswordEncoder
        Parameters:
        rawPass - the password to encode
        salt - optionally used by the implementation to "salt" the raw password before encoding. A null value is legal.
        Returns:
        encoded password

      • isPasswordValid

        public boolean isPasswordValid​(String encPass,
                               String rawPass,
                               Object salt)
        Description copied from interface: PasswordEncoder

        Validates a specified "raw" password against an encoded password, using a user specific salt.

        The encoded password should have previously been generated by PasswordEncoder.encodePassword(String, Object). This method will encode the rawPass (using the optional salt), and then compared it with the presented encPass.

        For a discussion of salts, please refer to PasswordEncoder.encodePassword(String, Object).

        Specified by:
        isPasswordValid in interface PasswordEncoder
        Parameters:
        encPass - a pre-encoded password
        rawPass - a raw password to encode and compare against the pre-encoded password
        salt - optionally used by the implementation to "salt" the raw password before encoding. A null value is legal.
        Returns:
        true if the password is valid , false otherwise

      • encodePassword

        public String encodePassword​(String rawPass)
        Description copied from interface: PasswordEncoder

        Encodes the specified raw password with an implementation specific algorithm, using the system wide salt.

        This will generally be a one-way message digest such as MD5 or SHA, but may also be a plaintext variant which does no encoding at all, but rather returns the same password it was fed. The latter is useful to plug in when the original password must be stored as-is.

        Specified by:
        encodePassword in interface PasswordEncoder
        Parameters:
        rawPass - the password to encode
        Returns:
        encoded password

      • isPasswordValid

        public boolean isPasswordValid​(String encPass,
                               String rawPass)
        Description copied from interface: PasswordEncoder

        Validates a specified "raw" password against an encoded password, using the system wide salt.

        The encoded password should have previously been generated by PasswordEncoder.encodePassword(String). This method will encode the rawPass (using the system wide salt), and then compared it with the presented encPass.

        For an explanation of salts, please refer to PasswordEncoder.setSystemSalt(Object).

        Specified by:
        isPasswordValid in interface PasswordEncoder
        Parameters:
        encPass - a pre-encoded password
        rawPass - a raw password to encode and compare against the pre-encoded password
        Returns:
        true if the password is valid , false otherwise