java.lang.Object
- org.apache.catalina.realm.DigestCredentialHandlerBase
- - org.apache.catalina.realm.MessageDigestCredentialHandler

All Implemented Interfaces:

CredentialHandler
```
public class MessageDigestCredentialHandler
extends DigestCredentialHandlerBase
```
This credential handler supports the following forms of stored passwords:
- encodedCredential - a hex encoded digest of the password digested using the configured digest
- {MD5}encodedCredential - a Base64 encoded MD5 digest of the password
- {SHA}encodedCredential - a Base64 encoded SHA1 digest of the password
- {SSHA}encodedCredential - 20 byte Base64 encoded SHA1 digest followed by variable length salt.
```
 {SSHA}<sha-1 digest:20><salt:n>
 
```
- salt$iterationCount$encodedCredential - a hex encoded salt, iteration code and a hex encoded credential, each separated by $
If the stored password form does not include an iteration count then an iteration count of 1 is used.
If the stored password form does not include salt then no salt is used.

Field Summary

Fields
Modifier and Type Field Description

static int DEFAULT_ITERATIONS
- Fields inherited from class org.apache.catalina.realm.DigestCredentialHandlerBase
  DEFAULT_SALT_LENGTH, sm

Constructor Summary

Constructors
Constructor Description

MessageDigestCredentialHandler()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`String`	`getAlgorithm()`
`protected int`	`getDefaultIterations()`
`String`	`getEncoding()`
`protected Log`	`getLog()`
`boolean`	`matches(String inputCredentials, String storedCredentials)`	Checks to see if the input credentials match the stored credentials
`protected String`	`mutate(String inputCredentials, byte[] salt, int iterations)`	Generates the equivalent stored credentials for the given input credentials, salt and iterations.
`void`	`setAlgorithm(String algorithm)`	Set the algorithm used to convert input credentials to stored credentials.
`void`	`setEncoding(String encodingName)`

Methods inherited from class org.apache.catalina.realm.DigestCredentialHandlerBase
equals, equals, getDefaultSaltLength, getIterations, getLogInvalidStoredCredentials, getSaltLength, matchesSaltIterationsEncoded, mutate, mutate, setIterations, setLogInvalidStoredCredentials, setSaltLength

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - DEFAULT_ITERATIONS
```
public static final int DEFAULT_ITERATIONS
```
    See Also:
    
    Constant Field Values
- Constructor Detail
  - MessageDigestCredentialHandler
```
public MessageDigestCredentialHandler()
```
- Method Detail
  - getEncoding
```
public String getEncoding()
```
  - setEncoding
```
public void setEncoding(String encodingName)
```
  - getAlgorithm
```
public String getAlgorithm()
```
    Specified by:
    
    getAlgorithm in class DigestCredentialHandlerBase
    
    Returns:
    
    the algorithm used to convert input credentials to stored credentials.
  - setAlgorithm
```
public void setAlgorithm(String algorithm)
                  throws NoSuchAlgorithmException
```
    Description copied from class: DigestCredentialHandlerBase
    
    Set the algorithm used to convert input credentials to stored credentials.
    
    Specified by:
    
    setAlgorithm in class DigestCredentialHandlerBase
    
    Parameters:
    
    algorithm - the algorithm
    
    Throws:
    
    NoSuchAlgorithmException - if the specified algorithm is not supported
  - matches
```
public boolean matches(String inputCredentials,
                       String storedCredentials)
```
    Description copied from interface: CredentialHandler
    
    Checks to see if the input credentials match the stored credentials
    
    Parameters:
    
    inputCredentials - User provided credentials
    
    storedCredentials - Credentials stored in the Realm
    
    Returns:
    
    true if the inputCredentials match the storedCredentials, otherwise false
  - mutate
```
protected String mutate(String inputCredentials,
                        byte[] salt,
                        int iterations)
```
    Description copied from class: DigestCredentialHandlerBase
    
    Generates the equivalent stored credentials for the given input credentials, salt and iterations. If the algorithm requires a key length, the default will be used.
    
    Specified by:
    
    mutate in class DigestCredentialHandlerBase
    
    Parameters:
    
    inputCredentials - User provided credentials
    
    salt - Salt, if any
    
    iterations - Number of iterations of the algorithm associated with this CredentialHandler applied to the inputCredentials to generate the equivalent stored credentials
    
    Returns:
    
    The equivalent stored credentials for the given input credentials or null if the generation fails
  - getDefaultIterations
```
protected int getDefaultIterations()
```
    Specified by:
    
    getDefaultIterations in class DigestCredentialHandlerBase
    
    Returns:
    
    the default number of iterations used by the CredentialHandler.
  - getLog
```
protected Log getLog()
```
    Specified by:
    
    getLog in class DigestCredentialHandlerBase
    
    Returns:
    
    the logger for the CredentialHandler instance.

Class MessageDigestCredentialHandler

Field Summary

Fields inherited from class org.apache.catalina.realm.DigestCredentialHandlerBase

Constructor Summary

Method Summary

Methods inherited from class org.apache.catalina.realm.DigestCredentialHandlerBase

Methods inherited from class java.lang.Object

Field Detail

DEFAULT_ITERATIONS

Constructor Detail

MessageDigestCredentialHandler

Method Detail

getEncoding

setEncoding

getAlgorithm

setAlgorithm

matches

mutate

getDefaultIterations

getLog