org.acegisecurity.providers.encoding.BasePasswordEncoder Maven / Gradle / Ivy
/* Copyright 2004 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.acegisecurity.providers.encoding;
/**
*
* Convenience base for all password encoders.
*
*
* @author Ben Alex
* @version $Id: BasePasswordEncoder.java,v 1.2 2005/11/17 00:55:49 benalex Exp $
*/
public abstract class BasePasswordEncoder implements PasswordEncoder {
//~ Methods ================================================================
/**
* Used by subclasses to extract the password and salt from a merged
* String created using {@link
* #mergePasswordAndSalt(String,Object,boolean)}.
*
*
* The first element in the returned array is the password. The second
* element is the salt. The salt array element will always be present,
* even if no salt was found in the mergedPasswordSalt
* argument.
*
*
* @param mergedPasswordSalt as generated by
* mergePasswordAndSalt
*
* @return an array, in which the first element is the password and the
* second the salt
*
* @throws IllegalArgumentException DOCUMENT ME!
*/
protected String[] demergePasswordAndSalt(String mergedPasswordSalt) {
if ((mergedPasswordSalt == null) || "".equals(mergedPasswordSalt)) {
throw new IllegalArgumentException(
"Cannot pass a null or empty String");
}
String password = mergedPasswordSalt;
String salt = "";
int saltBegins = mergedPasswordSalt.lastIndexOf("{");
if ((saltBegins != -1)
&& ((saltBegins + 1) < mergedPasswordSalt.length())) {
salt = mergedPasswordSalt.substring(saltBegins + 1,
mergedPasswordSalt.length() - 1);
password = mergedPasswordSalt.substring(0, saltBegins);
}
return new String[] {password, salt};
}
/**
* Used by subclasses to generate a merged password and salt
* String.
*
*
* The generated password will be in the form of
* password{salt}.
*
*
*
* A null can be passed to either method, and will be handled
* correctly. If the salt is null or empty, the
* resulting generated password will simply be the passed
* password. The toString method of the
* salt will be used to represent the salt.
*
*
* @param password the password to be used (can be null)
* @param salt the salt to be used (can be null)
* @param strict ensures salt doesn't contain the delimiters
*
* @return a merged password and salt String
*
* @throws IllegalArgumentException DOCUMENT ME!
*/
protected String mergePasswordAndSalt(String password, Object salt,
boolean strict) {
if (password == null) {
password = "";
}
if (strict && (salt != null)) {
if ((salt.toString().lastIndexOf("{") != -1)
|| (salt.toString().lastIndexOf("}") != -1)) {
throw new IllegalArgumentException(
"Cannot use { or } in salt.toString()");
}
}
if ((salt == null) || "".equals(salt)) {
return password;
} else {
return password + "{" + salt.toString() + "}";
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy