All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.acegisecurity.providers.encoding.PlaintextPasswordEncoder Maven / Gradle / Ivy

There is a newer version: 1.0.7
Show newest version
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.acegisecurity.providers.encoding;

/**
 * 

Plaintext implementation of PasswordEncoder.

*

As callers may wish to extract the password and salts separately from the encoded password, the salt must * not contain reserved characters (specifically '{' and '}').

* * @author colin sampaleanu * @author Ben Alex * @version $Id: PlaintextPasswordEncoder.java 1496 2006-05-23 13:38:33Z benalex $ */ public class PlaintextPasswordEncoder extends BasePasswordEncoder { //~ Instance fields ================================================================================================ private boolean ignorePasswordCase = false; //~ Methods ======================================================================================================== public String encodePassword(String rawPass, Object salt) { return mergePasswordAndSalt(rawPass, salt, true); } public boolean isIgnorePasswordCase() { return ignorePasswordCase; } public boolean isPasswordValid(String encPass, String rawPass, Object salt) { String pass1 = encPass + ""; // Strict delimiters is false because pass2 never persisted anywhere // and we want to avoid unnecessary exceptions as a result (the // authentication will fail as the encodePassword never allows them) String pass2 = mergePasswordAndSalt(rawPass, salt, false); if (!ignorePasswordCase) { return pass1.equals(pass2); } else { return pass1.equalsIgnoreCase(pass2); } } /** * Demerges the previously {@link #encodePassword(String, Object)}String.

The resulting * array is guaranteed to always contain two elements. The first is the password, and the second is the salt.

*

Throws an exception if null or an empty String is passed to the method.

* * @param password from {@link #encodePassword(String, Object)} * * @return an array containing the password and salt */ public String[] obtainPasswordAndSalt(String password) { return demergePasswordAndSalt(password); } /** * Indicates whether the password comparison is case sensitive.

Defaults to false, meaning * an exact case match is required.

* * @param ignorePasswordCase set to true for less stringent comparison */ public void setIgnorePasswordCase(boolean ignorePasswordCase) { this.ignorePasswordCase = ignorePasswordCase; } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy