public interface PasswordEncryptor
SQLPasswordAuthenticationProvider. The goal is to enable using different password encryption algorithms with the built-in authentication provider.
In OACC v2.0.0-rc.7 and prior the built-in authentication provider always used
Jasypt internally and did not allow other options. Now there are factory methods
to specify the PasswordEncryptor to be used in the built-in authentication provider.
The following password encryptor implementations are provided:
JasyptPasswordEncryptor - hashes passwords using a Jasypt digester and provides the following static factory method(s) for different configuration options:
LegacyJasyptPasswordEncryptor used in OACC v2.0.0-rc.7 or before.
BCryptPasswordEncryptor - hashes passwords using an OpenBSD BCrypt implementation and provides the following static factory method(s) for different configuration options:
TransitioningPasswordEncryptor - provides a means to transition from an existing encryption scheme to a new one in an environment where OACC was already deployed, i.e. where existing passwords in the tables were encrypted with a different or older password encryptor. The transition can be configured with the following static factory method:
String encryptPassword(char[] password)
password - the plaintext password as a cleanable char[]
boolean checkPassword(char[] plainPassword, String encryptedPassword)
plainPassword - the plaintext password as a cleanable char[]
encryptedPassword - the (BASE-64) digest from an earlier encryption against which to check the plaintext password
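The transition described for TransitioningPasswordEncryptor, sketched as an added example that is not OACC's own code: new digests are written with the new scheme, and digests written by the old scheme still verify. The interface is a local stand-in with the two methods documented above (password passed as char[]); `Pbkdf2`, `Transitioning`, `TransitionSketch`, the `<tag>$<salt>$<hash>` storage format and the iteration counts are assumptions made for illustration. Requires Java 16 or later.

```java
import java.security.*;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
public class TransitionSketch {
    interface PasswordEncryptor { // local stand-in for the interface documented on this page
        String encryptPassword(char[] password);
        boolean checkPassword(char[] plainPassword, String encryptedPassword);
    }
    record Pbkdf2(String tag, int iterations) implements PasswordEncryptor { // hypothetical JDK PBKDF2 scheme
        byte[] derive(char[] pw, byte[] salt) {
            PBEKeySpec spec = new PBEKeySpec(pw, salt, iterations, 256);
            try {
                return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
            } catch (GeneralSecurityException e) {
                throw new IllegalStateException(e);
            } finally {
                spec.clearPassword(); // wipe the spec's internal copy of the password
            }
        }
        public String encryptPassword(char[] password) {
            byte[] salt = new byte[16];
            new SecureRandom().nextBytes(salt);
            Base64.Encoder b64 = Base64.getEncoder();
            return tag + "$" + b64.encodeToString(salt) + "$" + b64.encodeToString(derive(password, salt));
        }
        public boolean checkPassword(char[] plainPassword, String encryptedPassword) {
            String[] p = encryptedPassword.split("\\$");
            if (p.length != 3 || !p[0].equals(tag)) return false; // digest written by another scheme
            Base64.Decoder b64 = Base64.getDecoder();
            return MessageDigest.isEqual(derive(plainPassword, b64.decode(p[1])), b64.decode(p[2]));
        }
    }
    // Hypothetical transition wrapper: new digests come from `next`, digests from `old` still verify.
    record Transitioning(PasswordEncryptor next, PasswordEncryptor old) implements PasswordEncryptor {
        public String encryptPassword(char[] password) { return next.encryptPassword(password); }
        public boolean checkPassword(char[] pw, String digest) {
            return next.checkPassword(pw, digest) || old.checkPassword(pw, digest);
        }
    }
    public static void main(String[] args) {
        PasswordEncryptor old = new Pbkdf2("v1", 10_000), next = new Pbkdf2("v2", 210_000);
        char[] pw = "constructed-sample".toCharArray();   // constructed sample input
        String legacyDigest = old.encryptPassword(pw);     // as stored before the transition
        PasswordEncryptor enc = new Transitioning(next, old);
        System.out.println("old digest, wrapper:  " + enc.checkPassword(pw, legacyDigest));
        System.out.println("old digest, new only: " + next.checkPassword(pw, legacyDigest));
    }
}
```

In this sketch an old digest stays in storage until the password is set again, because the wrapper only verifies and has no write path to the stored value.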
OACC is a Java Application Security Framework developed by Acciente, LLC., released under Apache License 2.0.
Copyright 2009-2017, Acciente, LLC.