Class LdapShaPasswordEncoder
java.lang.Object
org.springframework.security.crypto.password.LdapShaPasswordEncoder
- All Implemented Interfaces:
PasswordEncoder
Deprecated.
This
PasswordEncoder
is provided for legacy purposes only and is not considered
secure.
A version of PasswordEncoder
which supports Ldap SHA and SSHA (salted-SHA)
encodings. The values are base-64 encoded and have the label "{SHA}" (or "{SSHA}")
prepended to the encoded hash. These can be made lower-case in the encoded password, if
required, by setting the forceLowerCasePrefix property to true.
Also supports plain text passwords, so can safely be used in cases when both encoded
and non-encoded passwords are in use or when a null implementation is required.-
Constructor Summary
ConstructorDescriptionDeprecated.LdapShaPasswordEncoder
(BytesKeyGenerator saltGenerator) Deprecated. -
Method Summary
Modifier and TypeMethodDescriptionencode
(CharSequence rawPass) Deprecated.Calculates the hash of password (and salt bytes, if supplied) and returns a base64 encoded concatenation of the hash and salt, prefixed with {SHA} (or {SSHA} if salt was used).boolean
matches
(CharSequence rawPassword, String encodedPassword) Deprecated.Checks the validity of an unencoded password against an encoded one in the form "{SSHA}sQuQF8vj8Eg2Y1hPdh3bkQhCKQBgjhQI".void
setForceLowerCasePrefix
(boolean forceLowerCasePrefix) Deprecated.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.springframework.security.crypto.password.PasswordEncoder
upgradeEncoding
-
Constructor Details
-
LdapShaPasswordEncoder
public LdapShaPasswordEncoder()Deprecated. -
LdapShaPasswordEncoder
Deprecated.
-
-
Method Details
-
encode
Deprecated.Calculates the hash of password (and salt bytes, if supplied) and returns a base64 encoded concatenation of the hash and salt, prefixed with {SHA} (or {SSHA} if salt was used).- Specified by:
encode
in interfacePasswordEncoder
- Parameters:
rawPass
- the password to be encoded.- Returns:
- the encoded password in the specified format
-
matches
Deprecated.Checks the validity of an unencoded password against an encoded one in the form "{SSHA}sQuQF8vj8Eg2Y1hPdh3bkQhCKQBgjhQI".- Specified by:
matches
in interfacePasswordEncoder
- Parameters:
rawPassword
- unencoded password to be verified.encodedPassword
- the actual SSHA or SHA encoded password- Returns:
- true if they match (independent of the case of the prefix).
-
setForceLowerCasePrefix
public void setForceLowerCasePrefix(boolean forceLowerCasePrefix) Deprecated.
-
DelegatingPasswordEncoder
which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.