java.lang.Object
- de.hybris.platform.persistence.security.PBKDF2WithHmacSHA1SaltedPasswordEncoder

All Implemented Interfaces:

PasswordEncoder, java.io.Serializable, org.springframework.beans.factory.InitializingBean
```
public class PBKDF2WithHmacSHA1SaltedPasswordEncoder
extends java.lang.Object
implements PasswordEncoder, org.springframework.beans.factory.InitializingBean
```
Password encoder using the PBKDF2WithHmacSHA1 algorithm.
Note that this encoder is generating a random salt (does not use the user id)! In order to be able to check the salt is stored as part of the encoded hash string.
The encoded format is this: <iterations as int> ':' <salt as hex> ':' <hash as hex>.
It can be made stronger by adjusting the number of iterations (see setIterations(int)) as well as the key length (see setKeyLength(int)).

See Also:

Serialized Form

Nested Class Summary

Nested Classes
Modifier and Type Class Description

protected static class PBKDF2WithHmacSHA1SaltedPasswordEncoder.EncodedHash

Constructor Summary

Constructors
Constructor Description

PBKDF2WithHmacSHA1SaltedPasswordEncoder()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`void`	`afterPropertiesSet()`
`protected byte[]`	`calculateHash(java.lang.String password, byte[] salt, int iterations, int keyLength)`
`boolean`	`check(java.lang.String uid, java.lang.String encoded, java.lang.String plain)`	Checks if the `encoded` password (from the user, from the database) and the `plain` password (from the login screen) matches.
`java.lang.String`	`decode(java.lang.String encoded)`	Decode the given `encoded` password.
`java.lang.String`	`encode(java.lang.String uid, java.lang.String password)`	Returns the encoded password string based on the implementation of this interface and by the given `plain` password.
`void`	`setIterations(int iterations)`
`void`	`setKeyAlgorithm(java.lang.String keyAlgorithm)`
`void`	`setKeyLength(int keyLength)`
`void`	`setSaltAlgorithm(java.lang.String saltAlgorithm)`
`void`	`setSaltLength(int saltLength)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - PBKDF2WithHmacSHA1SaltedPasswordEncoder
```
public PBKDF2WithHmacSHA1SaltedPasswordEncoder()
```
- Method Detail
  - afterPropertiesSet
```
public void afterPropertiesSet()
                        throws java.security.NoSuchAlgorithmException
```
    Specified by:
    
    afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
    
    Throws:
    
    java.security.NoSuchAlgorithmException
  - encode
```
public java.lang.String encode(java.lang.String uid,
                               java.lang.String password)
```
    Description copied from interface: PasswordEncoder
    
    Returns the encoded password string based on the implementation of this interface and by the given plain password. The uid can be used as additional salt (see SaltedMD5PasswordEncoder).
    
    Specified by:
    
    encode in interface PasswordEncoder
    
    Parameters:
    
    uid - mostly userID, mostly not used
    
    password - the plain password
    
    Returns:
    
    the encoded password
    
    See Also:
    
    SaltedMD5PasswordEncoder, PlainTextPasswordEncoder
  - check
```
public boolean check(java.lang.String uid,
                     java.lang.String encoded,
                     java.lang.String plain)
```
    Description copied from interface: PasswordEncoder
    
    Checks if the encoded password (from the user, from the database) and the plain password (from the login screen) matches.
    
    Specified by:
    
    check in interface PasswordEncoder
    
    Parameters:
    
    uid - mostly the user ID and mostly not used. For MD5 used as salt.
    
    encoded - the encoded password
    
    plain - the plain text password
    
    Returns:
    
    true if they match, false otherwise.
    
    See Also:
    
    MD5PasswordEncoder
  - decode
```
public java.lang.String decode(java.lang.String encoded)
                        throws EJBCannotDecodePasswordException
```
    Description copied from interface: PasswordEncoder
    
    Decode the given encoded password. Throws exception if this is not possible.
    
    Specified by:
    
    decode in interface PasswordEncoder
    
    Parameters:
    
    encoded - the encoded password
    
    Returns:
    
    the decoded password
    
    Throws:
    
    EJBCannotDecodePasswordException - if the password cannot be decoded. (MD5 passwords cannot be decoded)
    
    See Also:
    
    MD5PasswordEncoder
  - calculateHash
```
protected byte[] calculateHash(java.lang.String password,
                               byte[] salt,
                               int iterations,
                               int keyLength)
```
  - setIterations
```
public void setIterations(int iterations)
```
  - setKeyLength
```
public void setKeyLength(int keyLength)
```
  - setKeyAlgorithm
```
public void setKeyAlgorithm(java.lang.String keyAlgorithm)
```
  - setSaltAlgorithm
```
public void setSaltAlgorithm(java.lang.String saltAlgorithm)
```
  - setSaltLength
```
public void setSaltLength(int saltLength)
```

Class PBKDF2WithHmacSHA1SaltedPasswordEncoder

Nested Class Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

PBKDF2WithHmacSHA1SaltedPasswordEncoder

Method Detail

afterPropertiesSet

encode

check

decode

calculateHash

setIterations

setKeyLength

setKeyAlgorithm

setSaltAlgorithm

setSaltLength