Package org.appng.core.security
Interface PasswordHandler
-
- All Known Implementing Classes:
BCryptPasswordHandler
public interface PasswordHandler
Provides methods to handle passwords. Different implementations of this interface can provide different algorithms to hash, salt and store a password. It can be expected that the constructor of an implementation of this interface requires anAuthSubject
as argument.- Author:
- Matthias Herlitzius
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
applyPassword(String password)
Hashes and sets the password, clears the salt, sets the last changed date for the passwordString
calculatePasswordResetDigest()
Calculates, sets and returns a salted digest which can be used for the "Forgot password?" function.boolean
isValidPassword(String password)
Checks whether the password is valid for the currentAuthSubject
.boolean
isValidPasswordResetDigest(String digest)
Checks whether the digest is valid for the currentAuthSubject
.void
migrate(CoreService service, String password)
Migrates passwords of the currentPasswordHandler
instance to passwords handled byCoreService.getDefaultPasswordHandler(org.appng.api.model.AuthSubject)
.
-
-
-
Method Detail
-
applyPassword
void applyPassword(String password)
Hashes and sets the password, clears the salt, sets the last changed date for the password- Parameters:
password
- The cleartext password.- See Also:
AuthSubject.setDigest(String)
,AuthSubject.setSalt(String)
,AuthSubject.setPasswordLastChanged(java.util.Date)
-
isValidPassword
boolean isValidPassword(String password)
Checks whether the password is valid for the currentAuthSubject
.- Parameters:
password
- The cleartext password.- Returns:
true
if the password is valid, false if it is invalid.- See Also:
AuthSubject.getDigest()
-
calculatePasswordResetDigest
String calculatePasswordResetDigest()
Calculates, sets and returns a salted digest which can be used for the "Forgot password?" function.- Returns:
- A digest.
- See Also:
AuthSubject.setSalt(String)
,isValidPasswordResetDigest(String)
-
isValidPasswordResetDigest
boolean isValidPasswordResetDigest(String digest)
Checks whether the digest is valid for the currentAuthSubject
.- Parameters:
digest
- The digest.- Returns:
true
if the digest is valid, false if it is invalid.- See Also:
AuthSubject.getSalt()
,calculatePasswordResetDigest()
-
migrate
void migrate(CoreService service, String password)
Migrates passwords of the currentPasswordHandler
instance to passwords handled byCoreService.getDefaultPasswordHandler(org.appng.api.model.AuthSubject)
.- Parameters:
service
- Instance ofCoreService
password
- The current password.
-
-