Field Detail

• sm

  protected static final StringManager sm

• DEFAULT_SALT_LENGTH

  public static final int DEFAULT_SALT_LENGTH

  See Also:

  Constant Field Values

Constructor Detail

• DigestCredentialHandlerBase

  public DigestCredentialHandlerBase()

Method Detail

• getIterations

  public int getIterations()

  Returns:

  the number of iterations of the associated algorithm that will be used when creating a new stored credential for a given input credential.

• setIterations

  public void setIterations(int iterations)

  Set the number of iterations of the associated algorithm that will be used when creating a new stored credential for a given input credential.

  Parameters:

  iterations - the iterations count

• getSaltLength

  public int getSaltLength()

  Returns:

  the salt length that will be used when creating a new stored credential for a given input credential.

• setSaltLength

  public void setSaltLength(int saltLength)

  Set the salt length that will be used when creating a new stored credential for a given input credential.

  Parameters:

  saltLength - the salt length

• getLogInvalidStoredCredentials

  public boolean getLogInvalidStoredCredentials()

  When checking input credentials against stored credentials will a warning message be logged if invalid stored credentials are discovered?

  Returns:

  true if logging will occur

• setLogInvalidStoredCredentials

  public void setLogInvalidStoredCredentials(boolean logInvalidStoredCredentials)

  Set whether a warning message will be logged if invalid stored credentials are discovered while checking input credentials against stored credentials?

  Parameters:

  logInvalidStoredCredentials - true to log, the default value is false

• mutate

  public java.lang.String mutate(java.lang.String userCredential)

  Description copied from interface: CredentialHandler
  Generates the equivalent stored credentials for the given input credentials.

  Specified by:

  mutate in interface CredentialHandler

  Parameters:

  userCredential - User provided credentials

  Returns:

  The equivalent stored credentials for the given input credentials

• matchesSaltIterationsEncoded

  protected boolean matchesSaltIterationsEncoded(java.lang.String inputCredentials,
                                     java.lang.String storedCredentials)

  Checks whether the provided credential matches the stored credential when the stored credential is in the form salt$iteration-count$credential

  Parameters:

  inputCredentials - The input credential

  storedCredentials - The stored credential

  Returns:

  true if they match, otherwise false

• getDefaultSaltLength

  protected int getDefaultSaltLength()

  Returns:

  the default salt length used by the CredentialHandler.

• mutate

  protected abstract java.lang.String mutate(java.lang.String inputCredentials,
                        byte[] salt,
                        int iterations)

  Generates the equivalent stored credentials for the given input credentials, salt and iterations. If the algorithm requires a key length, the default will be used.

  Parameters:

  inputCredentials - User provided credentials

  salt - Salt, if any

  iterations - Number of iterations of the algorithm associated with this CredentialHandler applied to the inputCredentials to generate the equivalent stored credentials

  Returns:

  The equivalent stored credentials for the given input credentials or null if the generation fails

• mutate

  protected java.lang.String mutate(java.lang.String inputCredentials,
                        byte[] salt,
                        int iterations,
                        int keyLength)

  Generates the equivalent stored credentials for the given input credentials, salt, iterations and key length. The default implementation calls ignores the key length and calls mutate(String, byte[], int). Sub-classes that use the key length should override this method.

  Parameters:

  inputCredentials - User provided credentials

  salt - Salt, if any

  iterations - Number of iterations of the algorithm associated with this CredentialHandler applied to the inputCredentials to generate the equivalent stored credentials

  keyLength - Length of the produced digest in bits for implementations where it's applicable

  Returns:

  The equivalent stored credentials for the given input credentials or null if the generation fails

• setAlgorithm

  public abstract void setAlgorithm(java.lang.String algorithm)
                             throws java.security.NoSuchAlgorithmException

  Set the algorithm used to convert input credentials to stored credentials.

  Parameters:

  algorithm - the algorithm

  Throws:

  java.security.NoSuchAlgorithmException - if the specified algorithm is not supported

• getAlgorithm

  public abstract java.lang.String getAlgorithm()

  Returns:

  the algorithm used to convert input credentials to stored credentials.

• getDefaultIterations

  protected abstract int getDefaultIterations()

  Returns:

  the default number of iterations used by the CredentialHandler.

• getLog

  protected abstract Log getLog()

  Returns:

  the logger for the CredentialHandler instance.