com.acciente.oacc.encryptor

Class TransitioningPasswordEncryptor

java.lang.Object

com.acciente.oacc.encryptor.TransitioningPasswordEncryptor

All Implemented Interfaces:

PasswordEncryptor, Serializable

public class TransitioningPasswordEncryptor
extends Object
implements PasswordEncryptor, Serializable

The purpose of this password encryptor is to provide a means to transition from an existing (aka "old") password encryptor to a new password encryptor in an environment where OACC is already deployed -- where existing passwords in the tables are encrypted using the old password encryptor.

See Also:

Serialized Form

Method Summary

Methods

Modifier and Type	Method and Description
boolean	checkPassword(char[] plainPassword, String encryptedPassword) Checks an unencrypted password against an encrypted one to see if they match.
String	encryptPassword(char[] password) Encrypts a password.
static TransitioningPasswordEncryptor	newInstance(PasswordEncryptor newPasswordEncryptor, PasswordEncryptor oldPasswordEncryptor) Creates a password encryptor that delegates all password hash encryption to the password encryptor provided in the newPasswordEncryptor parameter.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

newInstance

public static TransitioningPasswordEncryptor newInstance(PasswordEncryptor newPasswordEncryptor,
                                         PasswordEncryptor oldPasswordEncryptor)

Creates a password encryptor that delegates all password hash encryption to the password encryptor provided in the newPasswordEncryptor parameter. For decryption/comparison of existing passwords this password encryptor first delegates to the password encryptor provided in the newPasswordEncryptor parameter if that attempts fails by throwing an IllegalArgumentException, this password encryptor retries by delegating to the password encryptor provided in the oldPasswordEncryptor parameter.

Parameters:

newPasswordEncryptor - the new password encryptor to use for hashing all new passwords hashes for storage

oldPasswordEncryptor - the password encryptor that was to hash the passwords already stored in the tables, in other words passwords that have not yet been updated since the transition to the newPasswordEncryptor began.

Returns:

a TransitioningPasswordEncryptor instance.

encryptPassword

public String encryptPassword(char[] password)

Description copied from interface: PasswordEncryptor

Encrypts a password.

Specified by:

encryptPassword in interface PasswordEncryptor

Parameters:

password - the plaintext password as a cleanable char[]

Returns:

the BASE-64 digest of encrypting the specified password

checkPassword

public boolean checkPassword(char[] plainPassword,
                    String encryptedPassword)

Description copied from interface: PasswordEncryptor

Checks an unencrypted password against an encrypted one to see if they match.

Specified by:

checkPassword in interface PasswordEncryptor

Parameters:

plainPassword - the plaintext password as a cleanable char[]

encryptedPassword - the (BASE-64) digest from an earlier encryption against which to check the plaintext password

Returns:

true if passwords match, false otherwise