Package org.springframework.security.crypto.password

Class NoOpPasswordEncoder

java.lang.Object

org.springframework.security.crypto.password.NoOpPasswordEncoder

All Implemented Interfaces:

PasswordEncoder

@Deprecated
public final class NoOpPasswordEncoder
extends Object
implements PasswordEncoder

Deprecated.

This PasswordEncoder is not secure. Instead use an adaptive one way function like BCryptPasswordEncoder, Pbkdf2PasswordEncoder, or SCryptPasswordEncoder. Even better use DelegatingPasswordEncoder which supports password upgrades. There are no plans to remove this support. It is deprecated to indicate that this is a legacy implementation and using it is considered insecure.

This PasswordEncoder is provided for legacy and testing purposes only and is not considered secure. A password encoder that does nothing. Useful for testing where working with plain text passwords may be preferred.

Method Summary

Modifier and Type	Method	Description
String	encode(CharSequence rawPassword)	Deprecated. Encode the raw password.
static PasswordEncoder	getInstance()	Deprecated. Get the singleton NoOpPasswordEncoder.
boolean	matches(CharSequence rawPassword, String encodedPassword)	Deprecated. Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.crypto.password.PasswordEncoder

upgradeEncoding

Method Details

encode

public String encode(CharSequence rawPassword)

Deprecated.

Description copied from interface: PasswordEncoder

Encode the raw password. Generally, a good encoding algorithm applies a SHA-1 or greater hash combined with an 8-byte or greater randomly generated salt.

Specified by:

encode in interface PasswordEncoder

matches

public boolean matches(CharSequence rawPassword,
 String encodedPassword)

Deprecated.

Description copied from interface: PasswordEncoder

Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded. Returns true if the passwords match, false if they do not. The stored password itself is never decoded.

Specified by:

matches in interface PasswordEncoder

Parameters:

rawPassword - the raw password to encode and match

encodedPassword - the encoded password from storage to compare with

Returns:

true if the raw password, after encoding, matches the encoded password from storage

getInstance

public static PasswordEncoder getInstance()

Deprecated.

Get the singleton NoOpPasswordEncoder.