org.apache.jackrabbit.core.security.user

Class PasswordUtility

java.lang.Object

org.apache.jackrabbit.core.security.user.PasswordUtility

public class PasswordUtility
extends Object

Utility to generate and compare password hashes.

Field Summary

Fields

Modifier and Type	Field and Description
static String	DEFAULT_ALGORITHM
static int	DEFAULT_ITERATIONS
static int	DEFAULT_SALT_SIZE

Method Summary

Modifier and Type	Method and Description
static String	buildPasswordHash(String password) Generates a hash of the specified password with the default values for algorithm, salt-size and number of iterations.
static String	buildPasswordHash(String password, String algorithm, int saltSize, int iterations) Generates a hash of the specified password using the specified algorithm, salt size and number of iterations into account.
static String	extractAlgorithm(String hashedPwd) Extract the algorithm from the given crypted password string.
static boolean	isPlainTextPassword(String password) Returns true if the specified string doesn't start with a valid algorithm name in curly brackets.
static boolean	isSame(String hashedPassword, String password) Returns true if hash of the specified password equals the given hashed password.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_ALGORITHM

public static final String DEFAULT_ALGORITHM

See Also:

Constant Field Values

DEFAULT_SALT_SIZE

public static final int DEFAULT_SALT_SIZE

See Also:

Constant Field Values

DEFAULT_ITERATIONS

public static final int DEFAULT_ITERATIONS

See Also:

Constant Field Values

Method Detail

buildPasswordHash

public static String buildPasswordHash(String password)
                                throws NoSuchAlgorithmException

Generates a hash of the specified password with the default values for algorithm, salt-size and number of iterations.

Parameters:

password - The password to be hashed.

Returns:

The password hash.

Throws:

NoSuchAlgorithmException - If DEFAULT_ALGORITHM is not supported.

buildPasswordHash

public static String buildPasswordHash(String password,
                                       String algorithm,
                                       int saltSize,
                                       int iterations)
                                throws NoSuchAlgorithmException

Generates a hash of the specified password using the specified algorithm, salt size and number of iterations into account.

Parameters:

password - The password to be hashed.

algorithm - The desired hash algorithm.

saltSize - The desired salt size. If the specified integer is lower that DEFAULT_SALT_SIZE the default is used.

iterations - The desired number of iterations. If the specified integer is lower than 1 the default value is used.

Returns:

The password hash.

Throws:

NoSuchAlgorithmException - If the specified algorithm is not supported.

isPlainTextPassword

public static boolean isPlainTextPassword(String password)

Returns true if the specified string doesn't start with a valid algorithm name in curly brackets.

Parameters:

password - The string to be tested.

Returns:

true if the specified string doesn't start with a valid algorithm name in curly brackets.

isSame

public static boolean isSame(String hashedPassword,
                             String password)

Returns true if hash of the specified password equals the given hashed password.

Parameters:

hashedPassword - Password hash.

password - The password to compare.

Returns:

If the hash of the specified password equals the given hashedPassword string.

extractAlgorithm

public static String extractAlgorithm(String hashedPwd)

Extract the algorithm from the given crypted password string. Returns the algorithm or null if the given string doesn't have a leading algorithm such as created by buildPasswordHash or if the extracted string doesn't represent an available algorithm.

Parameters:

hashedPwd - The password hash.

Returns:

The algorithm or null if the given string doesn't have a leading algorithm such as created by buildPasswordHash or if the extracted string isn't a supported algorithm.