Class SaltedPasswordEncoder

java.lang.Object
de.hybris.platform.persistence.security.SaltedPasswordEncoder
All Implemented Interfaces:
PasswordEncoder, Serializable

public class SaltedPasswordEncoder extends Object implements PasswordEncoder
See Also:
  • Constructor Details

    • SaltedPasswordEncoder

      public SaltedPasswordEncoder()
  • Method Details

    • calculateHash

      protected String calculateHash(String plain)
    • encode

      public String encode(String uid, String password)
      This implementation will build a string with the following pattern
      ::::
      The value for SYSTEM_SPECIFC_SALT will be generated by getSystemSpecificSalt()
      The Value for USER_SPECIFIC_SALT will be generated by generateUserSpecificSalt(String)
      ... and will return the hash of this constructed string.
      Specified by:
      encode in interface PasswordEncoder
      Parameters:
      uid - the user id
      password - the user password
      Returns:
      the hashed value of the constructed string expression
      See Also:
    • check

      public boolean check(String uid, String encoded, String plain)
      Description copied from interface: PasswordEncoder
      Checks if the encoded password (from the user, from the database) and the plain password (from the login screen) matches.
      Specified by:
      check in interface PasswordEncoder
      Parameters:
      uid - mostly the user ID and mostly not used. For MD5 used as salt.
      encoded - the encoded password
      plain - the plain text password
      Returns:
      true if they match, false otherwise.
      See Also:
    • decode

      public String decode(String encoded) throws EJBCannotDecodePasswordException
      Description copied from interface: PasswordEncoder
      Decode the given encoded password. Throws exception if this is not possible.
      Specified by:
      decode in interface PasswordEncoder
      Parameters:
      encoded - the encoded password
      Returns:
      the decoded password
      Throws:
      EJBCannotDecodePasswordException - if the password cannot be decoded. (MD5 passwords cannot be decoded)
      See Also:
    • generateUserSpecificSalt

      protected String generateUserSpecificSalt(String uid)
      This implementation will still return the assigned user id.
      Parameters:
      uid - the suer id
      Returns:
      uid the user id as assigned
    • getSystemSpecificSalt

      protected String getSystemSpecificSalt()
      This implementation will still return the value of the corresponding spring property
      Returns:
      systemSpecificSalt the value of the corresponding spring property
    • getSalt

      public String getSalt()
      Returns the configured SALT (see core-spring-xml).
       
              
       
      
       
      Returns:
      the configured SALT
    • setSalt

      public void setSalt(String salt)
    • getAlgorithmn

      public String getAlgorithmn()
      Returns:
      the algorithmn
    • setAlgorithmn

      public void setAlgorithmn(String algorithmn)
      Parameters:
      algorithmn - the algorithmn to set