com.antelmann.db
Class SecureUserImpl
java.lang.Object
com.antelmann.db.AbstractDBEntry
com.antelmann.db.PropertyEntryImpl
com.antelmann.db.UserImpl
com.antelmann.db.SecureUserImpl
- All Implemented Interfaces:
- DBEntry, PropertyEntry, User, DetailedString, Enabled, Serializable, Comparable<User>, Principal
public class SecureUserImpl
- extends UserImpl
provides an implementation that uses a secure way of storing hashed passwords using
appropriate algorithms along with some randomly generated salt.
If you want to change the salt in use for this user, simply call UserImpl.setPassword(char[])
with parameter null before you change the password to the new value.
With this implementation, the password hash will always have 41 characters.
Note that the password hash is different even if the password itself is the same
if a different salt is used (which is practically always the case if the password was reset earlier).
- Since:
- 01.04.2014, 13:01:29
- Author:
- Holger Antelmann
- See Also:
- Serialized Form
| Fields inherited from interface com.antelmann.util.Enabled |
FILTER |
|
Method Summary |
protected byte[] |
generateInitalSalt()
|
protected String |
hashPassword(char[] password)
if a password has been set before, it will reuse its salt, which is included in the actual hash
(appended by the standard hash separated by a special character as separator) |
| Methods inherited from class com.antelmann.db.UserImpl |
checkPassword, clearAllAccess, compareTo, copyAccessRightsFrom, equals, getAccessFilter, getAccessibleObjects, getEmail, getName, getPasswordHash, getUserDescription, hasAccess, isEnabled, resetPassword, setAccess, setAccessFilter, setEmail, setEnabled, setName, setPassword, setPasswordHash, setUserDescription, toString |
| Methods inherited from class com.antelmann.db.PropertyEntryImpl |
addPropertyChangeListener, addPropertyChangeListener, addVetoableChangeListener, addVetoableChangeListener, asProperties, canRedo, canUndo, checkPropertyChange, clearProperties, containsPropertyText, containsValuePattern, equalWithProperties, equalWithProperties, getBoolean, getNumber, getProperties, getProperty, getProperty, getPropertyChangeListeners, getPropertyComparator, getPropertyExtractor, getPropertyExtractor, getPropertyKeys, getStringExtractor, getVetoableChangeListeners, isCaseInsensitive, isChangeListenerSupportEnabled, isKeyIn, isUndoSupport, isVetoableChangeSupportEnabled, putAll, redo, removeProperty, removePropertyChangeListener, removeVetoableChangeListener, setAllFrom, setCaseInsensitive, setChangeListenerSupport, setProperty, setUndoSupported, setVetoableChangeSupport, toDetailedString, undo, verifyProperties |
| Methods inherited from interface com.antelmann.db.DBEntry |
getID |
SecureUserImpl
public SecureUserImpl(Object id,
String name,
String passwordHash,
boolean enabled,
String description)
SecureUserImpl
public SecureUserImpl(Object id,
String name,
String passwordHash,
boolean active)
SecureUserImpl
public SecureUserImpl(Object id,
String name)
SecureUserImpl
public SecureUserImpl(Object id,
User user)
SecureUserImpl
public SecureUserImpl(Object idAndName)
hashPassword
protected String hashPassword(char[] password)
- if a password has been set before, it will reuse its salt, which is included in the actual hash
(appended by the standard hash separated by a special character as separator)
- Overrides:
hashPassword in class UserImpl
- Returns:
- the generated hash code including the salt that was either initially generated or reused
from a previous password set before
- See Also:
Strings.hash(String),
SecureUserImpl
generateInitalSalt
protected byte[] generateInitalSalt()
(c) Holger Antelmann since 2001- all rights reserved (contact: info@antelmann.com)
see www.antelmann.com/developer for further details and available downloads
