Class PasswordUtility
- java.lang.Object
-
- org.apache.jackrabbit.core.security.user.PasswordUtility
-
public class PasswordUtility extends Object
Utility to generate and compare password hashes.
-
-
Field Summary
Fields Modifier and Type Field Description static StringDEFAULT_ALGORITHMstatic intDEFAULT_ITERATIONSstatic intDEFAULT_SALT_SIZE
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static StringbuildPasswordHash(String password)Generates a hash of the specified password with the default values for algorithm, salt-size and number of iterations.static StringbuildPasswordHash(String password, String algorithm, int saltSize, int iterations)Generates a hash of the specified password using the specified algorithm, salt size and number of iterations into account.static StringextractAlgorithm(String hashedPwd)Extract the algorithm from the given crypted password string.static booleanisPlainTextPassword(String password)Returnstrueif the specified string doesn't start with a valid algorithm name in curly brackets.static booleanisSame(String hashedPassword, String password)Returnstrueif hash of the specifiedpasswordequals the given hashed password.
-
-
-
Field Detail
-
DEFAULT_ALGORITHM
public static final String DEFAULT_ALGORITHM
- See Also:
- Constant Field Values
-
DEFAULT_SALT_SIZE
public static final int DEFAULT_SALT_SIZE
- See Also:
- Constant Field Values
-
DEFAULT_ITERATIONS
public static final int DEFAULT_ITERATIONS
- See Also:
- Constant Field Values
-
-
Method Detail
-
buildPasswordHash
public static String buildPasswordHash(String password) throws NoSuchAlgorithmException
Generates a hash of the specified password with the default values for algorithm, salt-size and number of iterations.- Parameters:
password- The password to be hashed.- Returns:
- The password hash.
- Throws:
NoSuchAlgorithmException- IfDEFAULT_ALGORITHMis not supported.
-
buildPasswordHash
public static String buildPasswordHash(String password, String algorithm, int saltSize, int iterations) throws NoSuchAlgorithmException
Generates a hash of the specified password using the specified algorithm, salt size and number of iterations into account.- Parameters:
password- The password to be hashed.algorithm- The desired hash algorithm.saltSize- The desired salt size. If the specified integer is lower thatDEFAULT_SALT_SIZEthe default is used.iterations- The desired number of iterations. If the specified integer is lower than 1 thedefaultvalue is used.- Returns:
- The password hash.
- Throws:
NoSuchAlgorithmException- If the specified algorithm is not supported.
-
isPlainTextPassword
public static boolean isPlainTextPassword(String password)
Returnstrueif the specified string doesn't start with a valid algorithm name in curly brackets.- Parameters:
password- The string to be tested.- Returns:
trueif the specified string doesn't start with a valid algorithm name in curly brackets.
-
isSame
public static boolean isSame(String hashedPassword, String password)
Returnstrueif hash of the specifiedpasswordequals the given hashed password.- Parameters:
hashedPassword- Password hash.password- The password to compare.- Returns:
- If the hash of the specified
passwordequals the givenhashedPasswordstring.
-
extractAlgorithm
public static String extractAlgorithm(String hashedPwd)
Extract the algorithm from the given crypted password string. Returns the algorithm ornullif the given string doesn't have a leadingalgorithmsuch as created bybuildPasswordHashor if the extracted string doesn't represent an available algorithm.- Parameters:
hashedPwd- The password hash.- Returns:
- The algorithm or
nullif the given string doesn't have a leadingalgorithmsuch as created bybuildPasswordHashor if the extracted string isn't a supported algorithm.
-
-