http://git-wip-us.apache.org/repos/asf/shiro-site/blob/5896aacc/static/1.2.1/apidocs/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html ---------------------------------------------------------------------- diff --git a/static/1.2.1/apidocs/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html b/static/1.2.1/apidocs/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html deleted file mode 100644 index 977bff8..0000000 --- a/static/1.2.1/apidocs/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html +++ /dev/null @@ -1,827 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd";> -<!-- NewPage --> -<html lang="en"> -<head> -<!-- Generated by javadoc (version 1.7.0_21) on Thu May 30 14:51:23 PDT 2013 --> -<meta http-equiv="Content-Type" content="text/html" charset="UTF-8"> -<title>HashedCredentialsMatcher (Apache Shiro 1.2.1 API)</title> -<meta name="date" content="2013-05-30"> -<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style"> -</head> -<body> -<script type="text/javascript"><!-- - if (location.href.indexOf('is-external=true') == -1) { - parent.document.title="HashedCredentialsMatcher (Apache Shiro 1.2.1 API)"; - } -//--> -</script> -<noscript> -<div>JavaScript is disabled on your browser.</div> -</noscript> -<!-- Begin Google Analytics code --> <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-11551827-1']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <!-- End Google Analytics code --> -<!-- ========= START OF TOP NAVBAR ======= --> -<div class="topNav"><a name="navbar_top"> -<!-- --> -</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow"> -<!-- --> -</a> -<ul class="navList" title="Navigation"> -<li><a href="../../../../../overview-summary.html">Overview</a></li> -<li><a href="package-summary.html">Package</a></li> -<li class="navBarCell1Rev">Class</li> -<li><a href="class-use/HashedCredentialsMatcher.html">Use</a></li> -<li><a href="package-tree.html">Tree</a></li> -<li><a href="../../../../../deprecated-list.html">Deprecated</a></li> -<li><a href="../../../../../index-all.html">Index</a></li> -<li><a href="../../../../../help-doc.html">Help</a></li> -</ul> -</div> -<div class="subNav"> -<ul class="navList"> -<li><a href="../../../../../org/apache/shiro/authc/credential/DefaultPasswordService.html" title="class in org.apache.shiro.authc.credential"><span class="strong">Prev Class</span></a></li> -<li><a href="../../../../../org/apache/shiro/authc/credential/HashingPasswordService.html" title="interface in org.apache.shiro.authc.credential"><span class="strong">Next Class</span></a></li> -</ul> -<ul class="navList"> -<li><a href="../../../../../index.html?org/apache/shiro/authc/credential/HashedCredentialsMatcher.html" target="_top">Frames</a></li> -<li><a href="HashedCredentialsMatcher.html" target="_top">No Frames</a></li> -</ul> -<ul class="navList" id="allclasses_navbar_top"> -<li><a href="../../../../../allclasses-noframe.html">All Classes</a></li> -</ul> -<div> -<script type="text/javascript"><!-- - allClassesLink = document.getElementById("allclasses_navbar_top"); - if(window==top) { - allClassesLink.style.display = "block"; - } - else { - allClassesLink.style.display = "none"; - } - //--> -</script> -</div> -<div> -<ul class="subNavList"> -<li>Summary: </li> -<li>Nested | </li> -<li><a href="#fields_inherited_from_class_org.apache.shiro.codec.CodecSupport">Field</a> | </li> -<li><a href="#constructor_summary">Constr</a> | </li> -<li><a href="#method_summary">Method</a></li> -</ul> -<ul class="subNavList"> -<li>Detail: </li> -<li>Field | </li> -<li><a href="#constructor_detail">Constr</a> | </li> -<li><a href="#method_detail">Method</a></li> -</ul> -</div> -<a name="skip-navbar_top"> -<!-- --> -</a></div> -<!-- ========= END OF TOP NAVBAR ========= --> -<!-- ======== START OF CLASS DATA ======== --> -<div class="header"> -<div class="subTitle">org.apache.shiro.authc.credential</div> -<h2 title="Class HashedCredentialsMatcher" class="title">Class HashedCredentialsMatcher</h2> -</div> -<div class="contentContainer"> -<ul class="inheritance"> -<li><a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">java.lang.Object</a></li> -<li> -<ul class="inheritance"> -<li><a href="../../../../../org/apache/shiro/codec/CodecSupport.html" title="class in org.apache.shiro.codec">org.apache.shiro.codec.CodecSupport</a></li> -<li> -<ul class="inheritance"> -<li><a href="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">org.apache.shiro.authc.credential.SimpleCredentialsMatcher</a></li> -<li> -<ul class="inheritance"> -<li>org.apache.shiro.authc.credential.HashedCredentialsMatcher</li> -</ul> -</li> -</ul> -</li> -</ul> -</li> -</ul> -<div class="description"> -<ul class="blockList"> -<li class="blockList"> -<dl> -<dt>All Implemented Interfaces:</dt> -<dd><a href="../../../../../org/apache/shiro/authc/credential/CredentialsMatcher.html" title="interface in org.apache.shiro.authc.credential">CredentialsMatcher</a></dd> -</dl> -<dl> -<dt>Direct Known Subclasses:</dt> -<dd><a href="../../../../../org/apache/shiro/authc/credential/Md2CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">Md2CredentialsMatcher</a>, <a href="../../../../../org/apache/shiro/authc/credential/Md5CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">Md5CredentialsMatcher</a>, <a href="../../../../../org/apache/shiro/authc/credential/Sha1CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">Sha1CredentialsMatcher</a>, <a href="../../../../../org/apache/shiro/authc/credential/Sha256CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">Sha256CredentialsMatcher</a>, <a href="../../../../../org/apache/shiro/authc/credential/Sha384CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">Sha384CredentialsMatcher</a>, <a href="../../../../../org/apache/shiro/authc/credential/Sha512CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">Sha512CredentialsMa tcher</a></dd> -</dl> -<hr> -<br> -<pre>public class <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.120">HashedCredentialsMatcher</a> -extends <a href="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">SimpleCredentialsMatcher</a></pre> -<div class="block">A <code>HashedCredentialMatcher</code> provides support for hashing of supplied <code>AuthenticationToken</code> credentials - before being compared to those in the <code>AuthenticationInfo</code> from the data store. - <p/> - Credential hashing is one of the most common security techniques when safeguarding a user's private credentials - (passwords, keys, etc). Most developers never want to store their users' credentials in plain form, viewable by - anyone, so they often hash the users' credentials before they are saved in the data store. - <p/> - This class (and its subclasses) function as follows: - <ol> - <li>Hash the <code>AuthenticationToken</code> credentials supplied by the user during their login.</li> - <li>Compare this hashed value directly with the <code>AuthenticationInfo</code> credentials stored in the system - (the stored account credentials are expected to already be in hashed form).</li> - <li>If these two values are <a href="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#equals(java.lang.Object, java.lang.Object)"><code>equal</code></a>, the submitted credentials match, otherwise - they do not.</li> - </ol> - <h2>Salting and Multiple Hash Iterations</h2> - Because simple hashing is usually not good enough for secure applications, this class also supports 'salting' - and multiple hash iterations. Please read this excellent - <a href="http://www.owasp.org/index.php/Hashing_Java"; _target="blank">Hashing Java article</a> to learn about - salting and multiple iterations and why you might want to use them. (Note of sections 5 - "Why add salt?" and 6 "Hardening against the attacker's attack"). We should also note here that all of - Shiro's Hash implementations (for example, <a href="../../../../../org/apache/shiro/crypto/hash/Md5Hash.html" title="class in org.apache.shiro.crypto.hash"><code>Md5Hash</code></a>, - <a href="../../../../../org/apache/shiro/crypto/hash/Sha1Hash.html" title="class in org.apache.shiro.crypto.hash"><code>Sha1Hash</code></a>, etc) support salting and multiple hash iterations via - overloaded constructors. - <h4>Real World Case Study</h4> - In April 2010, some public Atlassian Jira and Confluence - installations (Apache Software Foundation, Codehaus, etc) were the target of account attacks and user accounts - were compromised. The reason? Jira and Confluence at the time did not salt user passwords and attackers were - able to use dictionary attacks to compromise user accounts (Atlassian has since - <a href="http://blogs.atlassian.com/news/2010/04/oh_man_what_a_day_an_update_on_our_security_breach.html";> - fixed the problem</a> of course). - <p/> - The lesson? - <p/> - <b>ALWAYS, ALWAYS, ALWAYS SALT USER PASSWORDS!</b> - <p/> - <h3>Salting</h3> - Prior to Shiro 1.1, salts could be obtained based on the end-user submitted - <a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc"><code>AuthenticationToken</code></a> via the now-deprecated - <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)"><code>getSalt(AuthenticationToken)</code></a> method. This however - could constitute a security hole since ideally salts should never be obtained based on what a user can submit. - User-submitted salt mechanisms are <em>much</em> more susceptible to dictionary attacks and <b>SHOULD NOT</b> be - used in secure systems. Instead salts should ideally be a secure randomly-generated number that is generated when - the user account is created. The secure number should never be disseminated to the user and always kept private - by the application. - <h4>Shiro 1.1</h4> - As of Shiro 1.1, it is expected that any salt used to hash the submitted credentials will be obtained from the - stored account information (represented as an <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>AuthenticationInfo</code></a> instance). This is much - more secure because the salt value remains private to the application (Shiro will never store this value). - <p/> - To enable this, <code>Realm</code>s should return <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> instances - during authentication. <code>HashedCredentialsMatcher</code> implementations will then use the provided - <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><code>credentialsSalt</code></a> for hashing. To avoid - security risks, - <b>it is highly recommended that any existing <code>Realm</code> implementations that support hashed credentials are - updated to return <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> instances as soon as possible</b>. - <h4>Shiro 1.0 Backwards Compatibility</h4> - Because of the identified security risk, <code>Realm</code> implementations that support credentials hashing should - be updated to return <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> instances as - soon as possible. - <p/> - If this is not possible for some reason, this class will retain 1.0 backwards-compatible behavior of obtaining - the salt via the now-deprecated <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)"><code>getSalt(AuthenticationToken)</code></a> method. This - method will only be invoked if a <code>Realm</code> <em>does not</em> return - <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAutenticationInfo</code></a> instances and <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#isHashSalted()"><code>hashSalted</code></a> is - <code>true</code>. - But please note that the <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#isHashSalted()"><code>hashSalted</code></a> property and the - <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)"><code>getSalt(AuthenticationToken)</code></a> methods will be removed before the Shiro 2.0 - release. - <h3>Multiple Hash Iterations</h3> - If you hash your users' credentials multiple times before persisting to the data store, you will also need to - set this class's <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#setHashIterations(int)"><code>hashIterations</code></a> property. See the - <a href="http://www.owasp.org/index.php/Hashing_Java"; _target="blank">Hashing Java article</a>'s - <a href="http://www.owasp.org/index.php/Hashing_Java#Hardening_against_the_attacker.27s_attack";> - "Hardening against the attacker's attack"</a> section to learn more about why you might want to use - multiple hash iterations. - <h2>MD5 & SHA-1 Notice</h2> - <a href="http://en.wikipedia.org/wiki/MD5";>MD5</a> and - <a href="http://en.wikipedia.org/wiki/SHA_hash_functions";>SHA-1</a> algorithms are now known to be vulnerable to - compromise and/or collisions (read the linked pages for more). While most applications are ok with either of these - two, if your application mandates high security, use the SHA-256 (or higher) hashing algorithms and their - supporting <code>CredentialsMatcher</code> implementations.</div> -<dl><dt><span class="strong">Since:</span></dt> - <dd>0.9</dd> -<dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../org/apache/shiro/crypto/hash/Md5Hash.html" title="class in org.apache.shiro.crypto.hash"><code>Md5Hash</code></a>, -<a href="../../../../../org/apache/shiro/crypto/hash/Sha1Hash.html" title="class in org.apache.shiro.crypto.hash"><code>Sha1Hash</code></a>, -<a href="../../../../../org/apache/shiro/crypto/hash/Sha256Hash.html" title="class in org.apache.shiro.crypto.hash"><code>Sha256Hash</code></a></dd></dl> -</li> -</ul> -</div> -<div class="summary"> -<ul class="blockList"> -<li class="blockList"> -<!-- =========== FIELD SUMMARY =========== --> -<ul class="blockList"> -<li class="blockList"><a name="field_summary"> -<!-- --> -</a> -<h3>Field Summary</h3> -<ul class="blockList"> -<li class="blockList"><a name="fields_inherited_from_class_org.apache.shiro.codec.CodecSupport"> -<!-- --> -</a> -<h3>Fields inherited from class org.apache.shiro.codec.<a href="../../../../../org/apache/shiro/codec/CodecSupport.html" title="class in org.apache.shiro.codec">CodecSupport</a></h3> -<code><a href="../../../../../org/apache/shiro/codec/CodecSupport.html#PREFERRED_ENCODING">PREFERRED_ENCODING</a></code></li> -</ul> -</li> -</ul> -<!-- ======== CONSTRUCTOR SUMMARY ======== --> -<ul class="blockList"> -<li class="blockList"><a name="constructor_summary"> -<!-- --> -</a> -<h3>Constructor Summary</h3> -<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation"> -<caption><span>Constructors</span><span class="tabEnd"> </span></caption> -<tr> -<th class="colOne" scope="col">Constructor and Description</th> -</tr> -<tr class="altColor"> -<td class="colOne"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#HashedCredentialsMatcher()">HashedCredentialsMatcher</a></strong>()</code> -<div class="block">JavaBeans-compatibile no-arg constructor intended for use in IoC/Dependency Injection environments.</div> -</td> -</tr> -<tr class="rowColor"> -<td class="colOne"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#HashedCredentialsMatcher(java.lang.String)">HashedCredentialsMatcher</a></strong>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true"; title="class or interface in java.lang">String</a> hashAlgorithmName)</code> -<div class="block">Creates an instance using the specified <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getHashAlgorithmName()"><code>hashAlgorithmName</code></a> to hash submitted - credentials.</div> -</td> -</tr> -</table> -</li> -</ul> -<!-- ========== METHOD SUMMARY =========== --> -<ul class="blockList"> -<li class="blockList"><a name="method_summary"> -<!-- --> -</a> -<h3>Method Summary</h3> -<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation"> -<caption><span>Methods</span><span class="tabEnd"> </span></caption> -<tr> -<th class="colFirst" scope="col">Modifier and Type</th> -<th class="colLast" scope="col">Method and Description</th> -</tr> -<tr class="altColor"> -<td class="colFirst"><code>boolean</code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#doCredentialsMatch(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)">doCredentialsMatch</a></strong>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token, - <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</a> info)</code> -<div class="block">This implementation first hashes the <code>token</code>'s credentials, potentially using a - <code>salt</code> if the <code>info</code> argument is a - <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a>.</div> -</td> -</tr> -<tr class="rowColor"> -<td class="colFirst"><code>protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a></code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getCredentials(org.apache.shiro.authc.AuthenticationInfo)">getCredentials</a></strong>(<a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</a> info)</code> -<div class="block">Returns a <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash"><code>Hash</code></a> instance representing the already-hashed AuthenticationInfo credentials stored in the system.</div> -</td> -</tr> -<tr class="altColor"> -<td class="colFirst"><code><a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true"; title="class or interface in java.lang">String</a></code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getHashAlgorithmName()">getHashAlgorithmName</a></strong>()</code> -<div class="block">Returns the <code>Hash</code> <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><code>algorithmName</code></a> to use - when performing hashes for credentials matching.</div> -</td> -</tr> -<tr class="rowColor"> -<td class="colFirst"><code>int</code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getHashIterations()">getHashIterations</a></strong>()</code> -<div class="block">Returns the number of times a submitted <code>AuthenticationToken</code>'s credentials will be hashed before - comparing to the credentials stored in the system.</div> -</td> -</tr> -<tr class="altColor"> -<td class="colFirst"><code>protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a></code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)">getSalt</a></strong>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token)</code> -<div class="block"><strong>Deprecated.</strong> -<div class="block"><i>since Shiro 1.1. Hash salting is now expected to be based on if the <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>AuthenticationInfo</code></a> - returned from the <code>Realm</code> is a <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> instance and its - <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><code>getCredentialsSalt()</code></a> method returns a non-null value. - This method and the 1.0 behavior still exists for backwards compatibility if the <code>Realm</code> does not return - <code>SaltedAuthenticationInfo</code> instances, but <b>it is highly recommended that <code>Realm</code> implementations - that support hashed credentials start returning <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> - instances as soon as possible</b>.<p/> - This is because salts should always be obtained from the stored account information and - never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for - attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user - are almost impossible to break. This method will be removed in Shiro 2.0.</i></div> -</div> -</td> -</tr> -<tr class="rowColor"> -<td class="colFirst"><code>protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a></code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#hashProvidedCredentials(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)">hashProvidedCredentials</a></strong>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token, - <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</a> info)</code> -<div class="block">Hash the provided <code>token</code>'s credentials using the salt stored with the account if the - <code>info</code> instance is an <code>instanceof</code> <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> (see - the class-level JavaDoc for why this is the preferred approach).</div> -</td> -</tr> -<tr class="altColor"> -<td class="colFirst"><code>protected <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash">Hash</a></code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#hashProvidedCredentials(java.lang.Object, java.lang.Object, int)">hashProvidedCredentials</a></strong>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a> credentials, - <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a> salt, - int hashIterations)</code> -<div class="block">Hashes the provided credentials a total of <code>hashIterations</code> times, using the given salt.</div> -</td> -</tr> -<tr class="rowColor"> -<td class="colFirst"><code>boolean</code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#isHashSalted()">isHashSalted</a></strong>()</code> -<div class="block"><strong>Deprecated.</strong> -<div class="block"><i>since Shiro 1.1. Hash salting is now expected to be based on if the <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>AuthenticationInfo</code></a> - returned from the <code>Realm</code> is a <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> instance and its - <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><code>getCredentialsSalt()</code></a> method returns a non-null value. - This method and the 1.0 behavior still exists for backwards compatibility if the <code>Realm</code> does not return - <code>SaltedAuthenticationInfo</code> instances, but <b>it is highly recommended that <code>Realm</code> implementations - that support hashed credentials start returning <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> - instances as soon as possible</b>. - <p/> - This is because salts should always be obtained from the stored account information and - never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for - attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user - are almost impossible to break. This method will be removed in Shiro 2.0.</i></div> -</div> -</td> -</tr> -<tr class="altColor"> -<td class="colFirst"><code>boolean</code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#isStoredCredentialsHexEncoded()">isStoredCredentialsHexEncoded</a></strong>()</code> -<div class="block">Returns <code>true</code> if the system's stored credential hash is Hex encoded, <code>false</code> if it - is Base64 encoded.</div> -</td> -</tr> -<tr class="rowColor"> -<td class="colFirst"><code>protected <a href="../../../../../org/apache/shiro/crypto/hash/AbstractHash.html" title="class in org.apache.shiro.crypto.hash">AbstractHash</a></code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#newHashInstance()">newHashInstance</a></strong>()</code> -<div class="block">Returns a new, <em>uninitialized</em> instance, without its byte array set.</div> -</td> -</tr> -<tr class="altColor"> -<td class="colFirst"><code>void</code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#setHashAlgorithmName(java.lang.String)">setHashAlgorithmName</a></strong>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true"; title="class or interface in java.lang">String</a> hashAlgorithmName)</code> -<div class="block">Sets the <code>Hash</code> <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><code>algorithmName</code></a> to use - when performing hashes for credentials matching.</div> -</td> -</tr> -<tr class="rowColor"> -<td class="colFirst"><code>void</code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#setHashIterations(int)">setHashIterations</a></strong>(int hashIterations)</code> -<div class="block">Sets the number of times a submitted <code>AuthenticationToken</code>'s credentials will be hashed before comparing - to the credentials stored in the system.</div> -</td> -</tr> -<tr class="altColor"> -<td class="colFirst"><code>void</code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#setHashSalted(boolean)">setHashSalted</a></strong>(boolean hashSalted)</code> -<div class="block"><strong>Deprecated.</strong> -<div class="block"><i>since Shiro 1.1. Hash salting is now expected to be based on if the <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>AuthenticationInfo</code></a> - returned from the <code>Realm</code> is a <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> instance and its - <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><code>getCredentialsSalt()</code></a> method returns a non-null value. - This method and the 1.0 behavior still exists for backwards compatibility if the <code>Realm</code> does not return - <code>SaltedAuthenticationInfo</code> instances, but <b>it is highly recommended that <code>Realm</code> implementations - that support hashed credentials start returning <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> - instances as soon as possible</b>. - <p/> - This is because salts should always be obtained from the stored account information and - never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for - attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user - are almost impossible to break. This method will be removed in Shiro 2.0.</i></div> -</div> -</td> -</tr> -<tr class="rowColor"> -<td class="colFirst"><code>void</code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#setStoredCredentialsHexEncoded(boolean)">setStoredCredentialsHexEncoded</a></strong>(boolean storedCredentialsHexEncoded)</code> -<div class="block">Sets the indicator if this system's stored credential hash is Hex encoded or not.</div> -</td> -</tr> -</table> -<ul class="blockList"> -<li class="blockList"><a name="methods_inherited_from_class_org.apache.shiro.authc.credential.SimpleCredentialsMatcher"> -<!-- --> -</a> -<h3>Methods inherited from class org.apache.shiro.authc.credential.<a href="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">SimpleCredentialsMatcher</a></h3> -<code><a href="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#equals(java.lang.Object, java.lang.Object)">equals</a>, <a href="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#getCredentials(org.apache.shiro.authc.AuthenticationToken)">getCredentials</a></code></li> -</ul> -<ul class="blockList"> -<li class="blockList"><a name="methods_inherited_from_class_org.apache.shiro.codec.CodecSupport"> -<!-- --> -</a> -<h3>Methods inherited from class org.apache.shiro.codec.<a href="../../../../../org/apache/shiro/codec/CodecSupport.html" title="class in org.apache.shiro.codec">CodecSupport</a></h3> -<code><a href="../../../../../org/apache/shiro/codec/CodecSupport.html#isByteSource(java.lang.Object)">isByteSource</a>, <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#objectToBytes(java.lang.Object)">objectToBytes</a>, <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#objectToString(java.lang.Object)">objectToString</a>, <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(char[])">toBytes</a>, <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(char[], java.lang.String)">toBytes</a>, <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(java.io.File)">toBytes</a>, <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(java.io.InputStream)">toBytes</a>, <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(java.lang.Object)">toBytes</a>, <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(java.lang.String)">toBytes</a>, <a href="../. ./../../../org/apache/shiro/codec/CodecSupport.html#toBytes(java.lang.String, java.lang.String)">toBytes</a>, <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#toChars(byte[])">toChars</a>, <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#toChars(byte[], java.lang.String)">toChars</a>, <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#toString(byte[])">toString</a>, <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#toString(byte[], java.lang.String)">toString</a>, <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#toString(java.lang.Object)">toString</a></code></li> -</ul> -<ul class="blockList"> -<li class="blockList"><a name="methods_inherited_from_class_java.lang.Object"> -<!-- --> -</a> -<h3>Methods inherited from class java.lang.<a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a></h3> -<code><a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#clone()" title="class or interface in java.lang">clone</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#equals(java.lang.Object)" title="class or interface in java.lang">equals</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#finalize()" title="class or interface in java.lang">finalize</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#getClass()" title="class or interface in java.lang">getClass</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#hashCode()" title="class or interface in java.lang">hashCode</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notify()" title="class or interface in java.lang">notify</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-exter nal=true#notifyAll()" title="class or interface in java.lang">notifyAll</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#toString()" title="class or interface in java.lang">toString</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait()" title="class or interface in java.lang">wait</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long)" title="class or interface in java.lang">wait</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long, int)" title="class or interface in java.lang">wait</a></code></li> -</ul> -</li> -</ul> -</li> -</ul> -</div> -<div class="details"> -<ul class="blockList"> -<li class="blockList"> -<!-- ========= CONSTRUCTOR DETAIL ======== --> -<ul class="blockList"> -<li class="blockList"><a name="constructor_detail"> -<!-- --> -</a> -<h3>Constructor Detail</h3> -<a name="HashedCredentialsMatcher()"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>HashedCredentialsMatcher</h4> -<pre>public <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.135">HashedCredentialsMatcher</a>()</pre> -<div class="block">JavaBeans-compatibile no-arg constructor intended for use in IoC/Dependency Injection environments. If you - use this constructor, you <em>MUST</em> also additionally set the - <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#setHashAlgorithmName(java.lang.String)"><code>hashAlgorithmName</code></a> property.</div> -</li> -</ul> -<a name="HashedCredentialsMatcher(java.lang.String)"> -<!-- --> -</a> -<ul class="blockListLast"> -<li class="blockList"> -<h4>HashedCredentialsMatcher</h4> -<pre>public <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.149">HashedCredentialsMatcher</a>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true"; title="class or interface in java.lang">String</a> hashAlgorithmName)</pre> -<div class="block">Creates an instance using the specified <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getHashAlgorithmName()"><code>hashAlgorithmName</code></a> to hash submitted - credentials.</div> -<dl><dt><span class="strong">Parameters:</span></dt><dd><code>hashAlgorithmName</code> - the <code>Hash</code> <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><code>algorithmName</code></a> - to use when performing hashes for credentials matching.</dd><dt><span class="strong">Since:</span></dt> - <dd>1.1</dd></dl> -</li> -</ul> -</li> -</ul> -<!-- ============ METHOD DETAIL ========== --> -<ul class="blockList"> -<li class="blockList"><a name="method_detail"> -<!-- --> -</a> -<h3>Method Detail</h3> -<a name="getHashAlgorithmName()"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>getHashAlgorithmName</h4> -<pre>public <a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true"; title="class or interface in java.lang">String</a> <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.165">getHashAlgorithmName</a>()</pre> -<div class="block">Returns the <code>Hash</code> <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><code>algorithmName</code></a> to use - when performing hashes for credentials matching.</div> -<dl><dt><span class="strong">Returns:</span></dt><dd>the <code>Hash</code> <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><code>algorithmName</code></a> to use - when performing hashes for credentials matching.</dd><dt><span class="strong">Since:</span></dt> - <dd>1.1</dd></dl> -</li> -</ul> -<a name="setHashAlgorithmName(java.lang.String)"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>setHashAlgorithmName</h4> -<pre>public void <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.177">setHashAlgorithmName</a>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true"; title="class or interface in java.lang">String</a> hashAlgorithmName)</pre> -<div class="block">Sets the <code>Hash</code> <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><code>algorithmName</code></a> to use - when performing hashes for credentials matching.</div> -<dl><dt><span class="strong">Parameters:</span></dt><dd><code>hashAlgorithmName</code> - the <code>Hash</code> <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><code>algorithmName</code></a> - to use when performing hashes for credentials matching.</dd><dt><span class="strong">Since:</span></dt> - <dd>1.1</dd></dl> -</li> -</ul> -<a name="isStoredCredentialsHexEncoded()"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>isStoredCredentialsHexEncoded</h4> -<pre>public boolean <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.192">isStoredCredentialsHexEncoded</a>()</pre> -<div class="block">Returns <code>true</code> if the system's stored credential hash is Hex encoded, <code>false</code> if it - is Base64 encoded. - <p/> - Default value is <code>true</code> for convenience - all of Shiro's <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash"><code>Hash#toString()</code></a> - implementations return Hex encoded values by default, making this class's use with those implementations - easier.</div> -<dl><dt><span class="strong">Returns:</span></dt><dd><code>true</code> if the system's stored credential hash is Hex encoded, <code>false</code> if it - is Base64 encoded. Default is <code>true</code></dd></dl> -</li> -</ul> -<a name="setStoredCredentialsHexEncoded(boolean)"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>setStoredCredentialsHexEncoded</h4> -<pre>public void <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.209">setStoredCredentialsHexEncoded</a>(boolean storedCredentialsHexEncoded)</pre> -<div class="block">Sets the indicator if this system's stored credential hash is Hex encoded or not. - <p/> - A value of <code>true</code> will cause this class to decode the system credential from Hex, a - value of <code>false</code> will cause this class to decode the system credential from Base64. - <p/> - Unless overridden via this method, the default value is <code>true</code> for convenience - all of Shiro's - <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash"><code>Hash#toString()</code></a> implementations return Hex encoded values by default, making this class's use with - those implementations easier.</div> -<dl><dt><span class="strong">Parameters:</span></dt><dd><code>storedCredentialsHexEncoded</code> - the indicator if this system's stored credential hash is Hex - encoded or not ('not' automatically implying it is Base64 encoded).</dd></dl> -</li> -</ul> -<a name="isHashSalted()"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>isHashSalted</h4> -<pre><a href="http://java.sun.com/javase/6/docs/api/java/lang/Deprecated.html?is-external=true"; title="class or interface in java.lang">@Deprecated</a> -public boolean <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.237">isHashSalted</a>()</pre> -<div class="block"><span class="strong">Deprecated.</span> <i>since Shiro 1.1. Hash salting is now expected to be based on if the <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>AuthenticationInfo</code></a> - returned from the <code>Realm</code> is a <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> instance and its - <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><code>getCredentialsSalt()</code></a> method returns a non-null value. - This method and the 1.0 behavior still exists for backwards compatibility if the <code>Realm</code> does not return - <code>SaltedAuthenticationInfo</code> instances, but <b>it is highly recommended that <code>Realm</code> implementations - that support hashed credentials start returning <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> - instances as soon as possible</b>. - <p/> - This is because salts should always be obtained from the stored account information and - never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for - attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user - are almost impossible to break. This method will be removed in Shiro 2.0.</i></div> -<div class="block">Returns <code>true</code> if a submitted <code>AuthenticationToken</code>'s credentials should be salted when hashing, - <code>false</code> if it should not be salted. - <p/> - If enabled, the salt used will be obtained via the <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)"><code>getSalt</code></a> method. - <p/> - The default value is <code>false</code>.</div> -<dl><dt><span class="strong">Returns:</span></dt><dd><code>true</code> if a submitted <code>AuthenticationToken</code>'s credentials should be salted when hashing, - <code>false</code> if it should not be salted.</dd></dl> -</li> -</ul> -<a name="setHashSalted(boolean)"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>setHashSalted</h4> -<pre><a href="http://java.sun.com/javase/6/docs/api/java/lang/Deprecated.html?is-external=true"; title="class or interface in java.lang">@Deprecated</a> -public void <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.263">setHashSalted</a>(boolean hashSalted)</pre> -<div class="block"><span class="strong">Deprecated.</span> <i>since Shiro 1.1. Hash salting is now expected to be based on if the <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>AuthenticationInfo</code></a> - returned from the <code>Realm</code> is a <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> instance and its - <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><code>getCredentialsSalt()</code></a> method returns a non-null value. - This method and the 1.0 behavior still exists for backwards compatibility if the <code>Realm</code> does not return - <code>SaltedAuthenticationInfo</code> instances, but <b>it is highly recommended that <code>Realm</code> implementations - that support hashed credentials start returning <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> - instances as soon as possible</b>. - <p/> - This is because salts should always be obtained from the stored account information and - never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for - attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user - are almost impossible to break. This method will be removed in Shiro 2.0.</i></div> -<div class="block">Sets whether or not to salt a submitted <code>AuthenticationToken</code>'s credentials when hashing. - <p/> - If enabled, the salt used will be obtained via the <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)"><code>getCredentialsSalt</code></a> method. - </p> - The default value is <code>false</code>.</div> -<dl><dt><span class="strong">Parameters:</span></dt><dd><code>hashSalted</code> - whether or not to salt a submitted <code>AuthenticationToken</code>'s credentials when hashing.</dd></dl> -</li> -</ul> -<a name="getHashIterations()"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>getHashIterations</h4> -<pre>public int <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.276">getHashIterations</a>()</pre> -<div class="block">Returns the number of times a submitted <code>AuthenticationToken</code>'s credentials will be hashed before - comparing to the credentials stored in the system. - <p/> - Unless overridden, the default value is <code>1</code>, meaning a normal hash execution will occur.</div> -<dl><dt><span class="strong">Returns:</span></dt><dd>the number of times a submitted <code>AuthenticationToken</code>'s credentials will be hashed before - comparing to the credentials stored in the system.</dd></dl> -</li> -</ul> -<a name="setHashIterations(int)"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>setHashIterations</h4> -<pre>public void <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.291">setHashIterations</a>(int hashIterations)</pre> -<div class="block">Sets the number of times a submitted <code>AuthenticationToken</code>'s credentials will be hashed before comparing - to the credentials stored in the system. - <p/> - Unless overridden, the default value is <code>1</code>, meaning a normal single hash execution will occur. - <p/> - If this argument is less than 1 (i.e. 0 or negative), the default value of 1 is applied. There must always be - at least 1 hash iteration (otherwise there would be no hash).</div> -<dl><dt><span class="strong">Parameters:</span></dt><dd><code>hashIterations</code> - the number of times to hash a submitted <code>AuthenticationToken</code>'s credentials.</dd></dl> -</li> -</ul> -<a name="getSalt(org.apache.shiro.authc.AuthenticationToken)"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>getSalt</h4> -<pre><a href="http://java.sun.com/javase/6/docs/api/java/lang/Deprecated.html?is-external=true"; title="class or interface in java.lang">@Deprecated</a> -protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a> <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.321">getSalt</a>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token)</pre> -<div class="block"><span class="strong">Deprecated.</span> <i>since Shiro 1.1. Hash salting is now expected to be based on if the <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>AuthenticationInfo</code></a> - returned from the <code>Realm</code> is a <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> instance and its - <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><code>getCredentialsSalt()</code></a> method returns a non-null value. - This method and the 1.0 behavior still exists for backwards compatibility if the <code>Realm</code> does not return - <code>SaltedAuthenticationInfo</code> instances, but <b>it is highly recommended that <code>Realm</code> implementations - that support hashed credentials start returning <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> - instances as soon as possible</b>.<p/> - This is because salts should always be obtained from the stored account information and - never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for - attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user - are almost impossible to break. This method will be removed in Shiro 2.0.</i></div> -<div class="block">Returns a salt value used to hash the token's credentials. - <p/> - This default implementation merely returns <code>token.getPrincipal()</code>, effectively using the user's - identity (username, user id, etc) as the salt, a most common technique. If you wish to provide the - authentication token's salt another way, you may override this method.</div> -<dl><dt><span class="strong">Parameters:</span></dt><dd><code>token</code> - the AuthenticationToken submitted during the authentication attempt.</dd> -<dt><span class="strong">Returns:</span></dt><dd>a salt value to use to hash the authentication token's credentials.</dd></dl> -</li> -</ul> -<a name="getCredentials(org.apache.shiro.authc.AuthenticationInfo)"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>getCredentials</h4> -<pre>protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a> <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.344">getCredentials</a>(<a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</a> info)</pre> -<div class="block">Returns a <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash"><code>Hash</code></a> instance representing the already-hashed AuthenticationInfo credentials stored in the system. - <p/> - This method reconstructs a <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash"><code>Hash</code></a> instance based on a <code>info.getCredentials</code> call, - but it does <em>not</em> hash that value - it is expected that method call will return an already-hashed value. - <p/> - This implementation's reconstruction effort functions as follows: - <ol> - <li>Convert <code>account.getCredentials()</code> to a byte array via the <a href="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(char[])"><code>toBytes</code></a> method. - <li>If <code>account.getCredentials()</code> was originally a String or char[] before <code>toBytes</code> was - called, check for encoding: - <li>If <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#storedCredentialsHexEncoded"><code>storedCredentialsHexEncoded</code></a>, Hex decode that byte array, otherwise - Base64 decode the byte array</li> - <li>Set the byte[] array directly on the <code>Hash</code> implementation and return it.</li> - </ol></div> -<dl> -<dt><strong>Overrides:</strong></dt> -<dd><code><a href="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#getCredentials(org.apache.shiro.authc.AuthenticationInfo)">getCredentials</a></code> in class <code><a href="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">SimpleCredentialsMatcher</a></code></dd> -<dt><span class="strong">Parameters:</span></dt><dd><code>info</code> - the AuthenticationInfo from which to retrieve the credentials which assumed to be in already-hashed form.</dd> -<dt><span class="strong">Returns:</span></dt><dd>a <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash"><code>Hash</code></a> instance representing the given AuthenticationInfo's stored credentials.</dd></dl> -</li> -</ul> -<a name="doCredentialsMatch(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>doCredentialsMatch</h4> -<pre>public boolean <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.378">doCredentialsMatch</a>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token, - <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</a> info)</pre> -<div class="block">This implementation first hashes the <code>token</code>'s credentials, potentially using a - <code>salt</code> if the <code>info</code> argument is a - <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a>. It then compares the hash - against the <code>AuthenticationInfo</code>'s - <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getCredentials(org.apache.shiro.authc.AuthenticationInfo)"><code>already-hashed credentials</code></a>. This method - returns <code>true</code> if those two values are <a href="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#equals(java.lang.Object, java.lang.Object)"><code>equal</code></a>, <code>false</code> otherwise.</div> -<dl> -<dt><strong>Specified by:</strong></dt> -<dd><code><a href="../../../../../org/apache/shiro/authc/credential/CredentialsMatcher.html#doCredentialsMatch(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)">doCredentialsMatch</a></code> in interface <code><a href="../../../../../org/apache/shiro/authc/credential/CredentialsMatcher.html" title="interface in org.apache.shiro.authc.credential">CredentialsMatcher</a></code></dd> -<dt><strong>Overrides:</strong></dt> -<dd><code><a href="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#doCredentialsMatch(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)">doCredentialsMatch</a></code> in class <code><a href="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">SimpleCredentialsMatcher</a></code></dd> -<dt><span class="strong">Parameters:</span></dt><dd><code>token</code> - the <code>AuthenticationToken</code> submitted during the authentication attempt.</dd><dd><code>info</code> - the <code>AuthenticationInfo</code> stored in the system matching the token principal</dd> -<dt><span class="strong">Returns:</span></dt><dd><code>true</code> if the provided token credentials hash match to the stored account credentials hash, - <code>false</code> otherwise</dd><dt><span class="strong">Since:</span></dt> - <dd>1.1</dd></dl> -</li> -</ul> -<a name="hashProvidedCredentials(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>hashProvidedCredentials</h4> -<pre>protected <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a> <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.402">hashProvidedCredentials</a>(<a href="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a> token, - <a href="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</a> info)</pre> -<div class="block">Hash the provided <code>token</code>'s credentials using the salt stored with the account if the - <code>info</code> instance is an <code>instanceof</code> <a href="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><code>SaltedAuthenticationInfo</code></a> (see - the class-level JavaDoc for why this is the preferred approach). - <p/> - If the <code>info</code> instance is <em>not</em> - an <code>instanceof</code> <code>SaltedAuthenticationInfo</code>, the logic will fall back to Shiro 1.0 - backwards-compatible logic: it will first check to see <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#isHashSalted()"><code>isHashSalted</code></a> and if so, will try - to acquire the salt from <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)"><code>getSalt(AuthenticationToken)</code></a>. See the class-level - JavaDoc for why this is not recommended. This 'fallback' logic exists only for backwards-compatibility. - <code>Realm</code>s should be updated as soon as possible to return <code>SaltedAuthenticationInfo</code> instances - if account credentials salting is enabled (highly recommended for password-based systems).</div> -<dl><dt><span class="strong">Parameters:</span></dt><dd><code>token</code> - the submitted authentication token from which its credentials will be hashed</dd><dd><code>info</code> - the stored account data, potentially used to acquire a salt</dd> -<dt><span class="strong">Returns:</span></dt><dd>the token credentials hash</dd><dt><span class="strong">Since:</span></dt> - <dd>1.1</dd></dl> -</li> -</ul> -<a name="hashProvidedCredentials(java.lang.Object, java.lang.Object, int)"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>hashProvidedCredentials</h4> -<pre>protected <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash">Hash</a> <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.443">hashProvidedCredentials</a>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a> credentials, - <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a> salt, - int hashIterations)</pre> -<div class="block">Hashes the provided credentials a total of <code>hashIterations</code> times, using the given salt. The hash - implementation/algorithm used is based on the <a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getHashAlgorithmName()"><code>hashAlgorithmName</code></a> property.</div> -<dl><dt><span class="strong">Parameters:</span></dt><dd><code>credentials</code> - the submitted authentication token's credentials to hash</dd><dd><code>salt</code> - the value to salt the hash, or <code>null</code> if a salt will not be used.</dd><dd><code>hashIterations</code> - the number of times to hash the credentials. At least one hash will always occur though, - even if this argument is 0 or negative.</dd> -<dt><span class="strong">Returns:</span></dt><dd>the hashed value of the provided credentials, according to the specified salt and hash iterations.</dd></dl> -</li> -</ul> -<a name="newHashInstance()"> -<!-- --> -</a> -<ul class="blockListLast"> -<li class="blockList"> -<h4>newHashInstance</h4> -<pre>protected <a href="../../../../../org/apache/shiro/crypto/hash/AbstractHash.html" title="class in org.apache.shiro.crypto.hash">AbstractHash</a> <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.454">newHashInstance</a>()</pre> -<div class="block">Returns a new, <em>uninitialized</em> instance, without its byte array set. Used as a utility method in the - <a href="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#getCredentials(org.apache.shiro.authc.AuthenticationInfo)"><code>getCredentials(AuthenticationInfo)</code></a> implementation.</div> -<dl><dt><span class="strong">Returns:</span></dt><dd>a new, <em>uninitialized</em> instance, without its byte array set.</dd></dl> -</li> -</ul> -</li> -</ul> -</li> -</ul> -</div> -</div> -<!-- ========= END OF CLASS DATA ========= --> -<!-- ======= START OF BOTTOM NAVBAR ====== --> -<div class="bottomNav"><a name="navbar_bottom"> -<!-- --> -</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow"> -<!-- --> -</a> -<ul class="navList" title="Navigation"> -<li><a href="../../../../../overview-summary.html">Overview</a></li> -<li><a href="package-summary.html">Package</a></li> -<li class="navBarCell1Rev">Class</li> -<li><a href="class-use/HashedCredentialsMatcher.html">Use</a></li> -<li><a href="package-tree.html">Tree</a></li> -<li><a href="../../../../../deprecated-list.html">Deprecated</a></li> -<li><a href="../../../../../index-all.html">Index</a></li> -<li><a href="../../../../../help-doc.html">Help</a></li> -</ul> -</div> -<div class="subNav"> -<ul class="navList"> -<li><a href="../../../../../org/apache/shiro/authc/credential/DefaultPasswordService.html" title="class in org.apache.shiro.authc.credential"><span class="strong">Prev Class</span></a></li> -<li><a href="../../../../../org/apache/shiro/authc/credential/HashingPasswordService.html" title="interface in org.apache.shiro.authc.credential"><span class="strong">Next Class</span></a></li> -</ul> -<ul class="navList"> -<li><a href="../../../../../index.html?org/apache/shiro/authc/credential/HashedCredentialsMatcher.html" target="_top">Frames</a></li> -<li><a href="HashedCredentialsMatcher.html" target="_top">No Frames</a></li> -</ul> -<ul class="navList" id="allclasses_navbar_bottom"> -<li><a href="../../../../../allclasses-noframe.html">All Classes</a></li> -</ul> -<div> -<script type="text/javascript"><!-- - allClassesLink = document.getElementById("allclasses_navbar_bottom"); - if(window==top) { - allClassesLink.style.display = "block"; - } - else { - allClassesLink.style.display = "none"; - } - //--> -</script> -</div> -<div> -<ul class="subNavList"> -<li>Summary: </li> -<li>Nested | </li> -<li><a href="#fields_inherited_from_class_org.apache.shiro.codec.CodecSupport">Field</a> | </li> -<li><a href="#constructor_summary">Constr</a> | </li> -<li><a href="#method_summary">Method</a></li> -</ul> -<ul class="subNavList"> -<li>Detail: </li> -<li>Field | </li> -<li><a href="#constructor_detail">Constr</a> | </li> -<li><a href="#method_detail">Method</a></li> -</ul> -</div> -<a name="skip-navbar_bottom"> -<!-- --> -</a></div> -<!-- ======== END OF BOTTOM NAVBAR ======= --> -<p class="legalCopy"><small>Copyright © 2004-2013 <a href="http://www.apache.org/";>The Apache Software Foundation</a>. All Rights Reserved.</small></p> -</body> -</html>
http://git-wip-us.apache.org/repos/asf/shiro-site/blob/5896aacc/static/1.2.1/apidocs/org/apache/shiro/authc/credential/HashingPasswordService.html ---------------------------------------------------------------------- diff --git a/static/1.2.1/apidocs/org/apache/shiro/authc/credential/HashingPasswordService.html b/static/1.2.1/apidocs/org/apache/shiro/authc/credential/HashingPasswordService.html deleted file mode 100644 index 0a72e0d..0000000 --- a/static/1.2.1/apidocs/org/apache/shiro/authc/credential/HashingPasswordService.html +++ /dev/null @@ -1,300 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd";> -<!-- NewPage --> -<html lang="en"> -<head> -<!-- Generated by javadoc (version 1.7.0_21) on Thu May 30 14:51:23 PDT 2013 --> -<meta http-equiv="Content-Type" content="text/html" charset="UTF-8"> -<title>HashingPasswordService (Apache Shiro 1.2.1 API)</title> -<meta name="date" content="2013-05-30"> -<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style"> -</head> -<body> -<script type="text/javascript"><!-- - if (location.href.indexOf('is-external=true') == -1) { - parent.document.title="HashingPasswordService (Apache Shiro 1.2.1 API)"; - } -//--> -</script> -<noscript> -<div>JavaScript is disabled on your browser.</div> -</noscript> -<!-- Begin Google Analytics code --> <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-11551827-1']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <!-- End Google Analytics code --> -<!-- ========= START OF TOP NAVBAR ======= --> -<div class="topNav"><a name="navbar_top"> -<!-- --> -</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow"> -<!-- --> -</a> -<ul class="navList" title="Navigation"> -<li><a href="../../../../../overview-summary.html">Overview</a></li> -<li><a href="package-summary.html">Package</a></li> -<li class="navBarCell1Rev">Class</li> -<li><a href="class-use/HashingPasswordService.html">Use</a></li> -<li><a href="package-tree.html">Tree</a></li> -<li><a href="../../../../../deprecated-list.html">Deprecated</a></li> -<li><a href="../../../../../index-all.html">Index</a></li> -<li><a href="../../../../../help-doc.html">Help</a></li> -</ul> -</div> -<div class="subNav"> -<ul class="navList"> -<li><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html" title="class in org.apache.shiro.authc.credential"><span class="strong">Prev Class</span></a></li> -<li><a href="../../../../../org/apache/shiro/authc/credential/Md2CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential"><span class="strong">Next Class</span></a></li> -</ul> -<ul class="navList"> -<li><a href="../../../../../index.html?org/apache/shiro/authc/credential/HashingPasswordService.html" target="_top">Frames</a></li> -<li><a href="HashingPasswordService.html" target="_top">No Frames</a></li> -</ul> -<ul class="navList" id="allclasses_navbar_top"> -<li><a href="../../../../../allclasses-noframe.html">All Classes</a></li> -</ul> -<div> -<script type="text/javascript"><!-- - allClassesLink = document.getElementById("allclasses_navbar_top"); - if(window==top) { - allClassesLink.style.display = "block"; - } - else { - allClassesLink.style.display = "none"; - } - //--> -</script> -</div> -<div> -<ul class="subNavList"> -<li>Summary: </li> -<li>Nested | </li> -<li>Field | </li> -<li>Constr | </li> -<li><a href="#method_summary">Method</a></li> -</ul> -<ul class="subNavList"> -<li>Detail: </li> -<li>Field | </li> -<li>Constr | </li> -<li><a href="#method_detail">Method</a></li> -</ul> -</div> -<a name="skip-navbar_top"> -<!-- --> -</a></div> -<!-- ========= END OF TOP NAVBAR ========= --> -<!-- ======== START OF CLASS DATA ======== --> -<div class="header"> -<div class="subTitle">org.apache.shiro.authc.credential</div> -<h2 title="Interface HashingPasswordService" class="title">Interface HashingPasswordService</h2> -</div> -<div class="contentContainer"> -<div class="description"> -<ul class="blockList"> -<li class="blockList"> -<dl> -<dt>All Superinterfaces:</dt> -<dd><a href="../../../../../org/apache/shiro/authc/credential/PasswordService.html" title="interface in org.apache.shiro.authc.credential">PasswordService</a></dd> -</dl> -<dl> -<dt>All Known Implementing Classes:</dt> -<dd><a href="../../../../../org/apache/shiro/authc/credential/DefaultPasswordService.html" title="class in org.apache.shiro.authc.credential">DefaultPasswordService</a></dd> -</dl> -<hr> -<br> -<pre>public interface <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashingPasswordService.html#line.30">HashingPasswordService</a> -extends <a href="../../../../../org/apache/shiro/authc/credential/PasswordService.html" title="interface in org.apache.shiro.authc.credential">PasswordService</a></pre> -<div class="block">A <code>HashingPasswordService</code> is a <a href="../../../../../org/apache/shiro/authc/credential/PasswordService.html" title="interface in org.apache.shiro.authc.credential"><code>PasswordService</code></a> that performs password encryption and comparisons - based on cryptographic <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash"><code>Hash</code></a>es.</div> -<dl><dt><span class="strong">Since:</span></dt> - <dd>1.2</dd></dl> -</li> -</ul> -</div> -<div class="summary"> -<ul class="blockList"> -<li class="blockList"> -<!-- ========== METHOD SUMMARY =========== --> -<ul class="blockList"> -<li class="blockList"><a name="method_summary"> -<!-- --> -</a> -<h3>Method Summary</h3> -<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation"> -<caption><span>Methods</span><span class="tabEnd"> </span></caption> -<tr> -<th class="colFirst" scope="col">Modifier and Type</th> -<th class="colLast" scope="col">Method and Description</th> -</tr> -<tr class="altColor"> -<td class="colFirst"><code><a href="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash">Hash</a></code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashingPasswordService.html#hashPassword(java.lang.Object)">hashPassword</a></strong>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a> plaintext)</code> -<div class="block">Hashes the specified plaintext password using internal hashing configuration settings pertinent to password - hashing.</div> -</td> -</tr> -<tr class="rowColor"> -<td class="colFirst"><code>boolean</code></td> -<td class="colLast"><code><strong><a href="../../../../../org/apache/shiro/authc/credential/HashingPasswordService.html#passwordsMatch(java.lang.Object, org.apache.shiro.crypto.hash.Hash)">passwordsMatch</a></strong>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a> plaintext, - <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash">Hash</a> savedPasswordHash)</code> -<div class="block">Returns <code>true</code> if the <code>submittedPlaintext</code> password matches the existing <code>savedPasswordHash</code>, - <code>false</code> otherwise.</div> -</td> -</tr> -</table> -<ul class="blockList"> -<li class="blockList"><a name="methods_inherited_from_class_org.apache.shiro.authc.credential.PasswordService"> -<!-- --> -</a> -<h3>Methods inherited from interface org.apache.shiro.authc.credential.<a href="../../../../../org/apache/shiro/authc/credential/PasswordService.html" title="interface in org.apache.shiro.authc.credential">PasswordService</a></h3> -<code><a href="../../../../../org/apache/shiro/authc/credential/PasswordService.html#encryptPassword(java.lang.Object)">encryptPassword</a>, <a href="../../../../../org/apache/shiro/authc/credential/PasswordService.html#passwordsMatch(java.lang.Object, java.lang.String)">passwordsMatch</a></code></li> -</ul> -</li> -</ul> -</li> -</ul> -</div> -<div class="details"> -<ul class="blockList"> -<li class="blockList"> -<!-- ============ METHOD DETAIL ========== --> -<ul class="blockList"> -<li class="blockList"><a name="method_detail"> -<!-- --> -</a> -<h3>Method Detail</h3> -<a name="hashPassword(java.lang.Object)"> -<!-- --> -</a> -<ul class="blockList"> -<li class="blockList"> -<h4>hashPassword</h4> -<pre><a href="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash">Hash</a> <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashingPasswordService.html#line.68">hashPassword</a>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a> plaintext) - throws <a href="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true"; title="class or interface in java.lang">IllegalArgumentException</a></pre> -<div class="block">Hashes the specified plaintext password using internal hashing configuration settings pertinent to password - hashing. - <p/> - Note - that this method is only likely to be used in more complex environments that wish to format and/or save the - returned <code>Hash</code> object in a custom manner. Most applications will find the - <a href="../../../../../org/apache/shiro/authc/credential/PasswordService.html#encryptPassword(java.lang.Object)"><code>encryptPassword</code></a> method suitable enough for safety - and ease-of-use. - <h3>Usage</h3> - The input argument type can be any 'byte backed' <code>Object</code> - almost always either a - String or character array representing passwords (character arrays are often a safer way to represent passwords - as they can be cleared/nulled-out after use. Any argument type supported by - <code>ByteSource.Util#isCompatible(Object)</code> is valid. - <p/> - Regardless of your choice of using Strings or character arrays to represent submitted passwords, you can wrap - either as a <code>ByteSource</code> by using <code>ByteSource.Util</code>, for example, when the passwords are captured as - Strings: - <pre> - ByteSource passwordBytes = ByteSource.Util.bytes(submittedPasswordString); - Hash hashedPassword = hashingPasswordService.hashPassword(passwordBytes); - </pre> - or, identically, when captured as a character array: - <pre> - ByteSource passwordBytes = ByteSource.Util.bytes(submittedPasswordCharacterArray); - Hash hashedPassword = hashingPasswordService.hashPassword(passwordBytes); - </pre></div> -<dl><dt><span class="strong">Parameters:</span></dt><dd><code>plaintext</code> - the raw password as 'byte-backed' object (String, character array, <a href="../../../../../org/apache/shiro/util/ByteSource.html" title="interface in org.apache.shiro.util"><code>ByteSource</code></a>, - etc) usually acquired from your application's 'new user' or 'password reset' workflow.</dd> -<dt><span class="strong">Returns:</span></dt><dd>the hashed password.</dd> -<dt><span class="strong">Throws:</span></dt> -<dd><code><a href="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true"; title="class or interface in java.lang">IllegalArgumentException</a></code> - if the argument cannot be easily converted to bytes as defined by - <code>ByteSource.Util#isCompatible(Object)</code>.</dd><dt><span class="strong">See Also:</span></dt><dd><code>ByteSource.Util#isCompatible(Object)</code>, -<a href="../../../../../org/apache/shiro/authc/credential/PasswordService.html#encryptPassword(java.lang.Object)"><code>PasswordService.encryptPassword(Object)</code></a></dd></dl> -</li> -</ul> -<a name="passwordsMatch(java.lang.Object, org.apache.shiro.crypto.hash.Hash)"> -<!-- --> -</a> -<ul class="blockListLast"> -<li class="blockList"> -<h4>passwordsMatch</h4> -<pre>boolean <a href="../../../../../src-html/org/apache/shiro/authc/credential/HashingPasswordService.html#line.90">passwordsMatch</a>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true"; title="class or interface in java.lang">Object</a> plaintext, - <a href="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash">Hash</a> savedPasswordHash)</pre> -<div class="block">Returns <code>true</code> if the <code>submittedPlaintext</code> password matches the existing <code>savedPasswordHash</code>, - <code>false</code> otherwise. Note that this method is only likely to be used in more complex environments that - save hashes in a custom manner. Most applications will find the - <a href="../../../../../org/apache/shiro/authc/credential/PasswordService.html#passwordsMatch(java.lang.Object, java.lang.String)"><code>passwordsMatch(plaintext,string)</code></a> method - sufficient if <a href="../../../../../org/apache/shiro/authc/credential/PasswordService.html#encryptPassword(java.lang.Object)"><code>encrypting passwords as Strings</code></a>. - <h3>Usage</h3> - The <code>submittedPlaintext</code> argument type can be any 'byte backed' <code>Object</code> - almost always either a - String or character array representing passwords (character arrays are often a safer way to represent passwords - as they can be cleared/nulled-out after use. Any argument type supported by - <code>ByteSource.Util#isCompatible(Object)</code> is valid.</div> -<dl><dt><span class="strong">Parameters:</span></dt><dd><code>plaintext</code> - a raw/plaintext password submitted by an end user/Subject.</dd><dd><code>savedPasswordHash</code> - the previously hashed password known to be associated with an account. - This value is expected to have been previously generated from the - <a href="../../../../../org/apache/shiro/authc/credential/HashingPasswordService.html#hashPassword(java.lang.Object)"><code>hashPassword</code></a> method (typically - when the account is created or the account's password is reset).</dd> -<dt><span class="strong">Returns:</span></dt><dd><code>true</code> if the <code>plaintext</code> password matches the existing <code>savedPasswordHash</code>, - <code>false</code> otherwise.</dd></dl> -</li> -</ul> -</li> -</ul> -</li> -</ul> -</div> -</div> -<!-- ========= END OF CLASS DATA ========= --> -<!-- ======= START OF BOTTOM NAVBAR ====== --> -<div class="bottomNav"><a name="navbar_bottom"> -<!-- --> -</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow"> -<!-- --> -</a> -<ul class="navList" title="Navigation"> -<li><a href="../../../../../overview-summary.html">Overview</a></li> -<li><a href="package-summary.html">Package</a></li> -<li class="navBarCell1Rev">Class</li> -<li><a href="class-use/HashingPasswordService.html">Use</a></li> -<li><a href="package-tree.html">Tree</a></li> -<li><a href="../../../../../deprecated-list.html">Deprecated</a></li> -<li><a href="../../../../../index-all.html">Index</a></li> -<li><a href="../../../../../help-doc.html">Help</a></li> -</ul> -</div> -<div class="subNav"> -<ul class="navList"> -<li><a href="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html" title="class in org.apache.shiro.authc.credential"><span class="strong">Prev Class</span></a></li> -<li><a href="../../../../../org/apache/shiro/authc/credential/Md2CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential"><span class="strong">Next Class</span></a></li> -</ul> -<ul class="navList"> -<li><a href="../../../../../index.html?org/apache/shiro/authc/credential/HashingPasswordService.html" target="_top">Frames</a></li> -<li><a href="HashingPasswordService.html" target="_top">No Frames</a></li> -</ul> -<ul class="navList" id="allclasses_navbar_bottom"> -<li><a href="../../../../../allclasses-noframe.html">All Classes</a></li> -</ul> -<div> -<script type="text/javascript"><!-- - allClassesLink = document.getElementById("allclasses_navbar_bottom"); - if(window==top) { - allClassesLink.style.display = "block"; - } - else { - allClassesLink.style.display = "none"; - } - //--> -</script> -</div> -<div> -<ul class="subNavList"> -<li>Summary: </li> -<li>Nested | </li> -<li>Field | </li> -<li>Constr | </li> -<li><a href="#method_summary">Method</a></li> -</ul> -<ul class="subNavList"> -<li>Detail: </li> -<li>Field | </li> -<li>Constr | </li> -<li><a href="#method_detail">Method</a></li> -</ul> -</div> -<a name="skip-navbar_bottom"> -<!-- --> -</a></div> -<!-- ======== END OF BOTTOM NAVBAR ======= --> -<p class="legalCopy"><small>Copyright © 2004-2013 <a href="http://www.apache.org/";>The Apache Software Foundation</a>. All Rights Reserved.</small></p> -</body> -</html>
