public class TransitioningPasswordEncryptor extends Object implements PasswordEncryptor, Serializable
Modifier and Type | Method and Description |
---|---|
boolean |
checkPassword(char[] plainPassword,
String encryptedPassword)
Checks an unencrypted password against an encrypted one to see if they match.
|
String |
encryptPassword(char[] password)
Encrypts a password.
|
static TransitioningPasswordEncryptor |
newInstance(PasswordEncryptor newPasswordEncryptor,
PasswordEncryptor oldPasswordEncryptor)
Creates a password encryptor that delegates all password hash encryption to the password encryptor provided in the
newPasswordEncryptor parameter. |
public static TransitioningPasswordEncryptor newInstance(PasswordEncryptor newPasswordEncryptor, PasswordEncryptor oldPasswordEncryptor)
newPasswordEncryptor
parameter. For decryption/comparison of existing passwords this password
encryptor first delegates to the password encryptor provided in the newPasswordEncryptor
parameter if
that attempts fails by throwing an IllegalArgumentException
, this password encryptor retries by
delegating to the password encryptor provided in the oldPasswordEncryptor
parameter.newPasswordEncryptor
- the new password encryptor to use for hashing all new passwords hashes for storageoldPasswordEncryptor
- the password encryptor that was to hash the passwords already stored in the tables, in
other words passwords that have not yet been updated since the transition to the
newPasswordEncryptor
began.TransitioningPasswordEncryptor
instance.public String encryptPassword(char[] password)
PasswordEncryptor
encryptPassword
in interface PasswordEncryptor
password
- the plaintext password as a cleanable char[]public boolean checkPassword(char[] plainPassword, String encryptedPassword)
PasswordEncryptor
checkPassword
in interface PasswordEncryptor
plainPassword
- the plaintext password as a cleanable char[]encryptedPassword
- the (BASE-64) digest from an earlier encryption against which to check the plaintext password
OACC is a Java Application Security Framework developed by Acciente, LLC., released under Apache License 2.0.
Copyright 2009-2017, Acciente, LLC.