Hi When using DefaultPasswordService there is a clarification that may be helpful in the javadocs:
Consider that DefaultPasswordService is a HashingPasswordService. HashingPasswordService has text: https://github.com/apache/shiro/blob/master/core/src/main/java/org/apache/shiro/authc/credential/HashingPasswordService.java#L51-L57 that says that anything passed to the hashPassword() method should be ByteSource. The HashingPasswordService method is written as "Hash hashPassword(Object plaintext)” But in DefaultPasswordService the hashPassword() method which uses the same “Object plaintext” argument contains helper code within the hashPassword implementation that converts to ByteSource: https://github.com/apache/shiro/blob/master/core/src/main/java/org/apache/shiro/authc/credential/DefaultPasswordService.java#L76 So when using DefaultPasswordService, it would seem you don't need to convert to ByteSource, as the DefaultPasswordService’s hashPassword method will do this for you. The problem is evident when using IDEs that inherit the javadocs froms the Interface to provide javadoc descriptions for the method. Regards
