Examples of org.jasypt.util.password.BasicPasswordEncryptor

• org.jasypt.util.password.BasicPasswordEncryptor

  Utility class for easily performing password digesting and checking.

  This class internally holds a {@link StandardStringDigester} configured this way:

  • Algorithm: MD5.
  • Salt size: 8 bytes.
  • Iterations: 1000.

  The required steps to use it are:

  1. Create an instance (using new).
  2. Perform the desired {@link #encryptPassword(String)} or {@link #checkPassword(String,String)} operations.

  This class is thread-safe

  @since 1.2 (class existed as org.jasypt.util.PasswordEncryptor since 1.0) @author Daniel Fernández

public class PasswordUtils {

  public static String encodePassword(String password)
  {
    BasicPasswordEncryptor passwordEncryptor = new BasicPasswordEncryptor();
    String encryptedPassword = passwordEncryptor.encryptPassword(password);

    return encryptedPassword;
  }

    return encryptedPassword;
  }

  public static boolean checkPassword(String plainPassword, String encryptedPassword)
  {
    BasicPasswordEncryptor passwordEncryptor = new BasicPasswordEncryptor();
    return (passwordEncryptor.checkPassword(plainPassword, encryptedPassword));
  }

   * @throws java.lang.Exception
   */
  @Test
  public void testPasswordEncryptionUsingBasicEncryptor() throws Exception {
    // Declare a basic encryptor
    BasicPasswordEncryptor bpe = new BasicPasswordEncryptor();
    // "Encrypt password", is not an real encryption because "Encryptor"
    // generate a digest. by default the MD5 algorithm is used
    String encryptedPassword = bpe.encryptPassword(TEXT_TO_ENCRYPT);
    System.out.printf("testPasswordEncryptionUsingBasicEncryptor : '%s' become '%s'\n", TEXT_TO_ENCRYPT, encryptedPassword);
    // Valid "encrypted" password
    Assert.assertTrue(bpe.checkPassword(TEXT_TO_ENCRYPT, encryptedPassword));
  }

public Usuario saveUser(String nombre, String password, String email,
            String usuarioSkype)throws Exception{

        Usuario usu = new Usuario();
        usu.setNombreUsuario(nombre);
        BasicPasswordEncryptor  encriptador = new BasicPasswordEncryptor ();
        String passEncriptada = encriptador.encryptPassword(password);
        usu.setPassword(passEncriptada);
        usu.setUsuariosSkype(usuarioSkype);
        usu.setFechaRegistro(new Date());
        usu.setEmail(email);
        PermisosUsuarioDAO permUsuDAO = new PermisosUsuarioDAO();

        String usuarioLogin = loginForm.getNombre();
        String password = loginForm.getPass().trim();
            setUsuariosBL(new UsuariosBL());
        Usuario usuario = usuariosBL.getUserByName(usuarioLogin);
            //Encriptar / desencriptar
            BasicPasswordEncryptor  encriptador = new BasicPasswordEncryptor();

            //FIXME: duda como hacer esto más seguro
        if (usuario != null) {
                // Comprobamos la clave
                if (encriptador.checkPassword( password, usuario.getPassword())) {
                    // Rellenamos la información del log
                    logger.info("Login correcto del usuario: " + usuarioLogin);

                    // Metemos en sesión el usuario actual
                    request.getSession().setAttribute(Constantes.USER_INFO,

    setPassword(user, StringUtil.generatePassword());
    userLogDao.logResetPassword(user, moderator);
  }

  private String setPassword(User user, String password) {
    PasswordEncryptor encryptor = new BasicPasswordEncryptor();
    String encryptedPassword = encryptor.encryptPassword(password);

    jdbcTemplate.update("UPDATE users SET passwd=?, lostpwd = 'epoch' WHERE id=?",
        encryptedPassword, user.getId());

    return password;

          String url,
          InternetAddress mail,
          String town,
          String ip
  ) {
    PasswordEncryptor encryptor = new BasicPasswordEncryptor();

    int userid = jdbcTemplate.queryForObject("select nextval('s_uid') as userid", Integer.class);

    jdbcTemplate.update(
            "INSERT INTO users " +
              "(id, name, nick, passwd, url, email, town, score, max_score,regdate) " +
              "VALUES (?,?,?,?,?,?,?,45,45,current_timestamp)",
            userid,
            name,
            nick,
            encryptor.encryptPassword(password),
            url==null?null: URLUtil.fixURL(url),
            mail.getAddress(),
            town
    );

      throw new BadPasswordException(nick);
    }
  }

  public boolean matchPassword(String password) {
    PasswordEncryptor encryptor = new BasicPasswordEncryptor();

    try {
      return encryptor.checkPassword(password, this.password);
    } catch (EncryptionOperationNotPossibleException ex) {
      return false;
    }
  }

     * Checks that the PasswordEncoder has been correctly initialized
     * (either a password encryptor or a string digester has been set).
     */
    private synchronized void checkInitialization() {
        if (this.useEncryptor == null) {
            this.passwordEncryptor = new BasicPasswordEncryptor();
            this.useEncryptor = Boolean.TRUE;
        } else {
            if (this.useEncryptor.booleanValue()) {
                if (this.passwordEncryptor == null) {
                    throw new EncryptionInitializationException(

     * Checks that the PasswordEncoder has been correctly initialized
     * (either a password encryptor or a string digester has been set).
     */
    private synchronized void checkInitialization() {
        if (this.useEncryptor == null) {
            this.passwordEncryptor = new BasicPasswordEncryptor();
            this.useEncryptor = Boolean.TRUE;
        } else {
            if (this.useEncryptor.booleanValue()) {
                if (this.passwordEncryptor == null) {
                    throw new EncryptionInitializationException(