SaltedMD5PasswordEncoder (hybris Commerce Suite 18.11)

java.lang.Object
- de.hybris.platform.persistence.security.MD5PasswordEncoder
- - de.hybris.platform.persistence.security.SaltedMD5PasswordEncoder

All Implemented Interfaces:

PasswordEncoder, java.io.Serializable

Direct Known Subclasses:

PKbasedSaltedMD5PasswordEncoder

Deprecated.
since ages - deprecated due toGenericSaltedPasswordEncoder introduction and because MD5 is not considered to be safe anymore. It delegates salt-related logic handling to SaltEncodingPolicy bean
```
@Deprecated
public class SaltedMD5PasswordEncoder
extends MD5PasswordEncoder
```
The submitted 'password' will be salted in the following way: + + ,
so the usage of "rainbowtables" for cracking the stored passwords is useless!
The value for SYSTEM_SPECIFC_SALT will be generated by getSystemSpecificSalt()
The Value for USER_SPECIFIC_SALT will be generated by generateUserSpecificSalt(String)
By implementing these methods in your own way,you are able to adapt the encoding/password check process to your needs.

See Also:

Serialized Form

Constructor Summary

Constructors
Constructor and Description

SaltedMD5PasswordEncoder()
Deprecated.

Constructors
Constructor and Description
`SaltedMD5PasswordEncoder()` Deprecated.

Method Summary

All Methods Instance Methods Concrete Methods Deprecated Methods
Modifier and Type	Method and Description
`boolean`	`check(java.lang.String encoded, java.lang.String password)` Deprecated.
`boolean`	`check(java.lang.String uid, java.lang.String encoded, java.lang.String password)` Deprecated. Calculates the hash of 'plain' and compare it with the value of 'encoded'.
`java.lang.String`	`decode(java.lang.String encoded)` Deprecated. Decode the given `encoded` password.
`java.lang.String`	`encode(java.lang.String password)` Deprecated. Unsupported method call! You have to use `encode(String, String )`.
`java.lang.String`	`encode(java.lang.String uid, java.lang.String password)` Deprecated. This implementation will build a string with the following pattern :::: The value for SYSTEM_SPECIFC_SALT will be generated by `getSystemSpecificSalt()` The Value for USER_SPECIFIC_SALT will be generated by `generateUserSpecificSalt(String)` ...
`protected java.lang.String`	`generateUserSpecificSalt(java.lang.String uid)` Deprecated. This implementation will still return the assigned user id.
`java.lang.String`	`getSalt()` Deprecated. Returns the configured SALT (see core-spring-xml).
`protected java.lang.String`	`getSystemSpecificSalt()` Deprecated. This implementation will still return the value of the corresponding spring property or advanced.properties parameter 'password.md5.salt'.
`void`	`setSalt(java.lang.String salt)` Deprecated.
`void`	`setSaltEncodingPolicy(SaltEncodingPolicy saltEncodingPolicy)` Deprecated.

Methods inherited from class de.hybris.platform.persistence.security.MD5PasswordEncoder
calculateMD5

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - SaltedMD5PasswordEncoder
```
public SaltedMD5PasswordEncoder()
```
    Deprecated.
- Method Detail
  - encode
```
public java.lang.String encode(java.lang.String password)
```
    Deprecated.
    
    Unsupported method call! You have to use encode(String, String ).
    
    Throws:
    
    JaloSystemException - Unsupported method call! You have to use encode(String, String )
  - encode
```
public java.lang.String encode(java.lang.String uid,
                               java.lang.String password)
```
    Deprecated.
    
    This implementation will build a string with the following pattern
    ::::
    The value for SYSTEM_SPECIFC_SALT will be generated by getSystemSpecificSalt()
    The Value for USER_SPECIFIC_SALT will be generated by generateUserSpecificSalt(String)
    ... and will return the MD5 hash of this constructed string.
    
    Specified by:
    
    encode in interface PasswordEncoder
    
    Overrides:
    
    encode in class MD5PasswordEncoder
    
    Parameters:
    
    uid - the user id
    
    password - the user password
    
    Returns:
    
    the MD5 value of the constructed string expression
    
    See Also:
    
    SaltedMD5PasswordEncoder, PlainTextPasswordEncoder
  - check
```
public boolean check(java.lang.String encoded,
                     java.lang.String password)
```
    Deprecated.
  - check
```
public boolean check(java.lang.String uid,
                     java.lang.String encoded,
                     java.lang.String password)
```
    Deprecated.
    
    Calculates the hash of 'plain' and compare it with the value of 'encoded'.
    
    Specified by:
    
    check in interface PasswordEncoder
    
    Overrides:
    
    check in class MD5PasswordEncoder
    
    Parameters:
    
    uid - will be use for 'salt' generation (values will be salted in the following way: [SYSTEM_SPECIFIC_SALT] + [PASSWORD] + [USER_SPECIFC_SALT])
    See also:{link #getSystemSpecificSalt()} and generateUserSpecificSalt(String).
    
    encoded - could be 'null'
    
    password - could be 'null'
    
    Returns:
    
    true if hash of 'plain' is equals to 'encoded'
    
    See Also:
    
    MD5PasswordEncoder.check(java.lang.String, java.lang.String, java.lang.String)
  - decode
```
public final java.lang.String decode(java.lang.String encoded)
                              throws EJBCannotDecodePasswordException
```
    Deprecated.
    
    Description copied from interface: PasswordEncoder
    
    Decode the given encoded password. Throws exception if this is not possible.
    
    Specified by:
    
    decode in interface PasswordEncoder
    
    Overrides:
    
    decode in class MD5PasswordEncoder
    
    Parameters:
    
    encoded - the encoded password
    
    Returns:
    
    the decoded password
    
    Throws:
    
    EJBCannotDecodePasswordException - if the password cannot be decoded. (MD5 passwords cannot be decoded)
    
    See Also:
    
    MD5PasswordEncoder
  - generateUserSpecificSalt
```
protected java.lang.String generateUserSpecificSalt(java.lang.String uid)
```
    Deprecated.
    
    This implementation will still return the assigned user id.
    
    Parameters:
    
    uid - the suer id
    
    Returns:
    
    uid the user id as assigned
  - getSystemSpecificSalt
```
protected java.lang.String getSystemSpecificSalt()
```
    Deprecated.
    
    This implementation will still return the value of the corresponding spring property or advanced.properties parameter 'password.md5.salt'.
    
    Returns:
    
    systemSpecificSalt the value of the corresponding spring property or advanced.properties parameter 'password.md5.salt'
  - getSalt
```
public java.lang.String getSalt()
```
    Deprecated.
    Returns the configured SALT (see core-spring-xml).
```
 
        
 
 
 
```
    Returns:
    
    the configured SALT
  - setSalt
```
public void setSalt(java.lang.String salt)
```
    Deprecated.
  - setSaltEncodingPolicy
```
public void setSaltEncodingPolicy(SaltEncodingPolicy saltEncodingPolicy)
```
    Deprecated.

Class SaltedMD5PasswordEncoder

Constructor Summary

Method Summary

Methods inherited from class de.hybris.platform.persistence.security.MD5PasswordEncoder

Methods inherited from class java.lang.Object

Constructor Detail

SaltedMD5PasswordEncoder

Method Detail

encode

encode

check

check

decode

generateUserSpecificSalt

getSystemSpecificSalt

getSalt

setSalt

setSaltEncodingPolicy