Package org.opencastproject.kernel.security

Class CustomPasswordEncoder

java.lang.Object

org.opencastproject.kernel.security.CustomPasswordEncoder

All Implemented Interfaces:

org.springframework.security.authentication.encoding.PasswordEncoder

public class CustomPasswordEncoder
extends Object
implements org.springframework.security.authentication.encoding.PasswordEncoder

Password encoder using bcrypt for password hashing while still supporting the verification of olf md5 based passwords.

Constructor Summary

Constructors

Constructor	Description
CustomPasswordEncoder()

Method Summary

Modifier and Type	Method	Description
String	encodePassword(String rawPassword)	Encode the raw password for storage using bcrypt.
String	encodePassword(String rawPassword, Object ignored)	Encode the raw password for storage using bcrypt.
boolean	isPasswordValid(String encodedPassword, String rawPassword, Object salt)	Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded.
static String	md5Encode(String clearText, Object salt)	Encode a clear text password using Opencast's legacy MD5 based hashing with salt.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

CustomPasswordEncoder

public CustomPasswordEncoder()

Method Details

encodePassword

public String encodePassword(String rawPassword)

Encode the raw password for storage using bcrypt.

Parameters:

rawPassword - raw password to encrypt/hash

Returns:

hashed password

encodePassword

public String encodePassword(String rawPassword,
 Object ignored)

Encode the raw password for storage using bcrypt.

Specified by:

encodePassword in interface org.springframework.security.authentication.encoding.PasswordEncoder

Parameters:

rawPassword - raw password to encrypt/hash

ignored - This parameter will not be used. A random salt is generated by bcrypt.

Returns:

hashed password

isPasswordValid

public boolean isPasswordValid(String encodedPassword,
 String rawPassword,
 Object salt)

Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded. Returns true if the passwords match, false if they do not. The stored password itself is never decoded.

Specified by:

isPasswordValid in interface org.springframework.security.authentication.encoding.PasswordEncoder

Parameters:

encodedPassword - the encoded password from storage to compare with

rawPassword - the raw password to encode and match

Returns:

true if the raw password, after encoding, matches the encoded password from storage

md5Encode

public static String md5Encode(String clearText,
 Object salt)
                        throws IllegalArgumentException

Encode a clear text password using Opencast's legacy MD5 based hashing with salt. The username was used as salt for this.

Parameters:

clearText - the password

salt - the salt

Returns:

the hashed password

Throws:

IllegalArgumentException - if clearText or salt are null