Examples of PasswordEncoder

• org.acegisecurity.providers.encoding.PasswordEncoder

  Interface for performing authentication operations on a password.

  @author colin sampaleanu @version $Id: PasswordEncoder.java 1784 2007-02-24 21:00:24Z luke_t $
• org.apache.archiva.redback.policy.PasswordEncoder
• org.codehaus.plexus.security.policy.PasswordEncoder
• org.jasypt.spring.security3.PasswordEncoder

  This class implements the Spring Security 3.x org.springframework.security.authentication.encoding.PasswordEncoder interface, allowing Spring Security-enabled applications to use JASYPT for password encryption.

  Objects of this class will internally hold either an object of type org.jasypt.util.password.PasswordEncryptor or an object of type org.jasypt.digest.StringDigester (only one of them), which should be set by respectively calling {@link #setPasswordEncryptor(PasswordEncryptor)} or{@link #setStringDigester(StringDigester)}after creation. If neither a PasswordEncryptor nor a StringDigester are set, a new org.jasypt.util.password.BasicPasswordEncryptor object is created and internally used.

  Important: This implementation ignores any salt provided through the interface methods, as the internal Jasypt PasswordEncryptor or StringDigester objects normally use a random one. This means that salt can be safely passed as null.

  Usage with a PasswordEncryptor

  This class can be used like this from your Spring XML resource files:

   ... <!-- Your application may use the PasswordEncryptor in several places, -->  <!-- like for example at new user sign-up.                             -->  <bean id="jasyptPasswordEncryptor" class="org.jasypt.util.password.StrongPasswordEncryptor" /> ... ... <!-- This Spring Security-friendly PasswordEncoder implementation will --> <!-- wrap the PasswordEncryptor instance so that it can be used from   --> <!-- the security framework.                                           --> <bean id="passwordEncoder" class="org.jasypt.spring.security2.PasswordEncoder"> <property name="passwordEncryptor"> <ref bean="jasyptPasswordEncryptor" /> </property> </bean> ... ... <!-- Your DaoAuthenticationProvider will then use it like with any     --> <!-- other implementation of the PasswordEncoder interface.            --> <bean id="daoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="userDetailsService"/> <property name="passwordEncoder"> <ref bean="passwordEncoder" /> </property> </bean> ... 

  Usage with a StringDigester

  This class can be used like this from your Spring XML resource files:

   ... <!-- Your application may use the StringDigester in several places,    -->  <!-- like for example at new user sign-up.                             -->  <bean id="jasyptStringDigester" class="org.jasypt.digest.StandardStringDigester" > <property name="algorithm" value="SHA-1" /> <property name="iterations" value="100000" /> </bean> ... ... <!-- This Spring Security-friendly PasswordEncoder implementation will --> <!-- wrap the StringDigester instance so that it can be used from      --> <!-- the security framework.                                           --> <bean id="passwordEncoder" class="org.jasypt.spring.security2.PasswordEncoder"> <property name="stringDigester"> <ref bean="jasyptStringDigester" /> </property> </bean> ... ... <!-- Your DaoAuthenticationProvider will then use it like with any     --> <!-- other implementation of the PasswordEncoder interface.            --> <bean id="daoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="userDetailsService"/> <property name="passwordEncoder"> <ref bean="passwordEncoder" /> </property> </bean> ... 

  This class is thread-safe

  @since 1.6 @author Daniel Fernández
• org.springframework.security.authentication.encoding.PasswordEncoder
  Interface for performing authentication operations on a password. @author colin sampaleanu @deprecated It is recommended to use{@link org.springframework.security.crypto.password.PasswordEncoder}instead which better accommodates best practice of randomly generated salt that is included with the password.
• org.springframework.security.crypto.password.PasswordEncoder
  Service interface for encoding passwords. The preferred implementation is {@code BCryptPasswordEncoder}. @author Keith Donald
• org.springframework.security.providers.encoding.PasswordEncoder

Examples of org.springframework.security.authentication.encoding.PasswordEncoder

        }

        if (passwordEncoder instanceof org.springframework.security.crypto.password.PasswordEncoder) {
            final org.springframework.security.crypto.password.PasswordEncoder delegate =
                    (org.springframework.security.crypto.password.PasswordEncoder)passwordEncoder;
            setPasswordEncoder(new PasswordEncoder() {
                public String encodePassword(String rawPass, Object salt) {
                    checkSalt(salt);
                    return delegate.encode(rawPass);
                }

Examples of org.springframework.security.authentication.encoding.PasswordEncoder

        }

        if (passwordEncoder instanceof org.springframework.security.crypto.password.PasswordEncoder) {
            final org.springframework.security.crypto.password.PasswordEncoder delegate =
                    (org.springframework.security.crypto.password.PasswordEncoder)passwordEncoder;
            setPasswordEncoder(new PasswordEncoder() {
                public String encodePassword(String rawPass, Object salt) {
                    checkSalt(salt);
                    return delegate.encode(rawPass);
                }

Examples of org.springframework.security.authentication.encoding.PasswordEncoder

        SaltSource saltSource = createNiceMock(SaltSource.class);
        UserDetails userDetails = createNiceMock(UserDetails.class);
        expect(userDetails.getUsername()).andReturn("valid.user");
        expect(userDetails.getPassword()).andReturn("valid.password");
        expect(saltSource.getSalt(userDetails)).andReturn("salt");
        PasswordEncoder passwordEncoder = createNiceMock(PasswordEncoder.class);
        expect(passwordEncoder.encodePassword("valid.password", "salt")).andReturn("valid.password");
        replay(saltSource, userDetails, passwordEncoder);

        ReflectionTestUtils.setField(newAccountService, "saltSource", saltSource);
        ReflectionTestUtils.setField(newAccountService, "passwordEncoder", passwordEncoder);

Examples of org.springframework.security.authentication.encoding.PasswordEncoder

        }
    }

    private String getHash() throws NoSuchAlgorithmException, UnsupportedEncodingException
    {
        PasswordEncoder encoder = new Md5PasswordEncoder();
        String hashedPass = encoder.encodePassword(password, null);

        password = password.replaceAll(".*", "0");
        passwordConf = passwordConf.replaceAll(".*", "0");
        return hashedPass;
    }

Examples of org.springframework.security.authentication.encoding.PasswordEncoder

    private UserDTO user;

        @DefaultHandler
        public Resolution registerAdmin(){
        user.setAuthority("ROLE_SUPERVISOR");
        PasswordEncoder encoder = new ShaPasswordEncoder();
        String hashedPass = encoder.encodePassword(user.getPassword(), user.getName());
        user.setPassword(hashedPass);

        try{
        service.create(user);}
        catch(PersistenceException ex){

Examples of org.springframework.security.authentication.encoding.PasswordEncoder

    private UserDTO user;

        @DefaultHandler
    public Resolution register(){
        user.setAuthority("ROLE_USER");
        PasswordEncoder encoder = new ShaPasswordEncoder();
        String hashedPass = encoder.encodePassword(user.getPassword(), user.getName());
        user.setPassword(hashedPass);
        //service.create(user);

        try{
        service.create(user);}

Examples of org.springframework.security.authentication.encoding.PasswordEncoder

        /*String[] beans = ctx.getBeanDefinitionNames();
        for (String bean : beans) {
            log.debug(bean);
        }*/

        PasswordEncoder passwordEncoder = null;
        try {
            ProviderManager provider = (ProviderManager) ctx.getBean("org.springframework.security.authentication.ProviderManager#0");
            for (Object o : provider.getProviders()) {
                AuthenticationProvider p = (AuthenticationProvider) o;
                if (p instanceof RememberMeAuthenticationProvider) {
                    config.put("rememberMeEnabled", Boolean.TRUE);
                } else if (ctx.getBean("passwordEncoder") != null) {
                    passwordEncoder = (PasswordEncoder) ctx.getBean("passwordEncoder");
                }
            }
        } catch (NoSuchBeanDefinitionException n) {
            log.debug("authenticationManager bean not found, assuming test and ignoring...");
            // ignore, should only happen when testing
        }

        context.setAttribute(Constants.CONFIG, config);

        // output the retrieved values for the Init and Context Parameters
        if (log.isDebugEnabled()) {
            log.debug("Remember Me Enabled? " + config.get("rememberMeEnabled"));
            if (passwordEncoder != null) {
                log.debug("Password Encoder: " + passwordEncoder.getClass().getSimpleName());
            }
            log.debug("Populating drop-downs...");
        }

        setupContext(context);

Examples of org.springframework.security.authentication.encoding.PasswordEncoder

  public static void main(String[] args) {
    if (args.length != 3) {
      System.out.println("Usage : [md5|sha|plaintext] username password");
    } else if (args[0].equals("md5")) {
      PasswordEncoder encoder = new Md5PasswordEncoder();
      System.out.println(encoder.encodePassword(args[2], args[1]));
    } else if (args[0].equals("sha")) {
      PasswordEncoder encoder = new ShaPasswordEncoder();
      System.out.println(encoder.encodePassword(args[2], args[1]));
    } else if (args[0].equals("plaintext")) {
      PasswordEncoder encoder = new PlaintextPasswordEncoder();
      System.out.println(encoder.encodePassword(args[2], args[1]));
    } else {
      System.out.println("Algorithm must be md5, sha or plaintext");
    }
  }

Examples of org.springframework.security.authentication.encoding.PasswordEncoder

      return;
    }

    if (passwordEncoder instanceof org.springframework.security.crypto.password.PasswordEncoder) {
      final org.springframework.security.crypto.password.PasswordEncoder delegate = cast(passwordEncoder);
      this.passwordEncoder = new PasswordEncoder() {
        public String encodePassword(String rawPass, Object salt) {
          checkSalt(salt);
          return delegate.encode(rawPass);
        }

Examples of org.springframework.security.authentication.encoding.PasswordEncoder

   * 如果用户名或密码错误则抛出异常.
   */
  public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {

    WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
    PasswordEncoder encoder = new ShaPasswordEncoder();
    User user = accountManager.findUserByLoginName(pc.getIdentifier());

    if (user == null) {
      throw new IOException("wrong login name " + pc.getIdentifier());
    }
    //对WSPasswordCallback中的明文密码进行sha1散列, 再与数据库中保存的用户sha1散列密码进行比较.
    if (!encoder.isPasswordValid(user.getShaPassword(), pc.getPassword(), null)) {
      throw new IOException("wrong password " + pc.getPassword() + " for " + pc.getIdentifier());
    }
  }