Package org.opencms.security
Class CmsDefaultPasswordHandler
- java.lang.Object
  - org.opencms.security.CmsDefaultPasswordHandler
- All Implemented Interfaces:
  I_CmsConfigurationParameterHandler, I_CmsPasswordGenerator, I_CmsPasswordHandler, I_CmsPasswordSecurityEvaluator
- Direct Known Subclasses:
  CmsAdvancedPasswordHandler
public class CmsDefaultPasswordHandler extends java.lang.Object implements I_CmsPasswordHandler, I_CmsPasswordSecurityEvaluator, I_CmsPasswordGenerator
Default implementation for OpenCms password validation, just checks if a password is at least 4 characters long.
- Since:
  6.0.0

Nested Class Summary
Nested classes/interfaces inherited from interface org.opencms.security.I_CmsPasswordSecurityEvaluator
  I_CmsPasswordSecurityEvaluator.SecurityLevel

Field Summary
Fields (modifier and type, field, description):
static java.lang.String PARAM_SCRYPT_FALLBACK
    Parameter for SCrypt fall back.
static java.lang.String PARAM_SCRYPT_SETTINGS
    Parameter for SCrypt settings.
static int PASSWORD_MIN_LENGTH
    The minimum length of a password.
static int PASSWORD_SECURE_LENGTH
    The password length that is considered to be secure.
Fields inherited from interface org.opencms.configuration.I_CmsConfigurationParameterHandler
  ADD_PARAMETER_METHOD, INIT_CONFIGURATION_METHOD
Fields inherited from interface org.opencms.security.I_CmsPasswordHandler
  CONVERT_DIGEST_ENCODING, DIGEST_TYPE_MD5, DIGEST_TYPE_PLAIN, DIGEST_TYPE_SCRYPT, DIGEST_TYPE_SHA, DIGEST_TYPE_SSHA

Constructor Summary
Constructors (constructor, description):
CmsDefaultPasswordHandler()
    The constructor does not perform any operation.

Method Summary
Methods (modifier and type, method, description):
void addConfigurationParameter(java.lang.String paramName, java.lang.String paramValue)
    Adds a configuration parameter to this parameter configurable class instance.
boolean checkPassword(java.lang.String plainPassword, java.lang.String digestedPassword, boolean useFallback)
    This method checks if the given plain text password is equal to the given digested password.
java.lang.String digest(java.lang.String password)
    Creates an OpenCms password digest according to the default setting for method/encodings.
java.lang.String digest(java.lang.String password, java.lang.String digestType, java.lang.String inputEncoding)
    Creates an OpenCms password digest.
I_CmsPasswordSecurityEvaluator.SecurityLevel evaluatePasswordSecurity(java.lang.String password)
    Evaluates the given password security.
CmsParameterConfiguration getConfiguration()
    Returns the parameters of this configurable class instance, or null if the class does not need any parameters.
java.lang.String getDigestType()
    Returns the digestType.
java.lang.String getInputEncoding()
    Returns the input encoding.
java.lang.String getPasswordSecurityHint(java.util.Locale locale)
    Returns a hint describing how to set a secure password.
java.lang.String getRandomPassword()
    Returns random password.
void initConfiguration()
    Initializes a configuration after all parameters have been added.
void setDigestType(java.lang.String digestType)
    Sets the digestType.
void setInputEncoding(java.lang.String inputEncoding)
    Sets the input encoding.
void validatePassword(java.lang.String password)
    This method checks if a new password follows the rules for new passwords, which are defined by a Class configured in the opencms.properties file.

Field Detail

PARAM_SCRYPT_FALLBACK
public static java.lang.String PARAM_SCRYPT_FALLBACK
Parameter for SCrypt fall back.

PARAM_SCRYPT_SETTINGS
public static java.lang.String PARAM_SCRYPT_SETTINGS
Parameter for SCrypt settings.

PASSWORD_MIN_LENGTH
public static final int PASSWORD_MIN_LENGTH
The minimum length of a password.
- See Also:
  Constant Field Values

PASSWORD_SECURE_LENGTH
public static final int PASSWORD_SECURE_LENGTH
The password length that is considered to be secure.
- See Also:
  Constant Field Values

Constructor Detail

CmsDefaultPasswordHandler
public CmsDefaultPasswordHandler()
The constructor does not perform any operation.

Method Detail

addConfigurationParameter
public void addConfigurationParameter(java.lang.String paramName, java.lang.String paramValue)
Description copied from interface: I_CmsConfigurationParameterHandler
Adds a configuration parameter to this parameter configurable class instance.
- Specified by:
  addConfigurationParameter in interface I_CmsConfigurationParameterHandler
- Parameters:
  paramName - the name of the parameter
  paramValue - the value for the parameter
- See Also:
  I_CmsConfigurationParameterHandler.addConfigurationParameter(java.lang.String, java.lang.String)

checkPassword
public boolean checkPassword(java.lang.String plainPassword, java.lang.String digestedPassword, boolean useFallback)
Description copied from interface: I_CmsPasswordHandler
This method checks if the given plain text password is equal to the given digested password.
Use this to check salted passwords. If the password is salted, it needs to be checked with the salt (and possible other parameters) stored in the digested password. Just digesting the password again and comparing the result to a previous digest won't work because the salt will usually be different.
- Specified by:
  checkPassword in interface I_CmsPasswordHandler
- Parameters:
  plainPassword - the plain text password to check
  digestedPassword - the digested password to compare with the plain password
  useFallback - if true, then use a fall back hashing algorithm in case first validation fails
- Returns:
  false if the validation of the password failed
- See Also:
  I_CmsPasswordHandler.checkPassword(String, String, boolean)

digest
public java.lang.String digest(java.lang.String password) throws CmsPasswordEncryptionException
Description copied from interface: I_CmsPasswordHandler
Creates an OpenCms password digest according to the default setting for method/encodings.
- Specified by:
  digest in interface I_CmsPasswordHandler
- Parameters:
  password - the password to encrypt
- Returns:
  the password digest
- Throws:
  CmsPasswordEncryptionException - if something goes wrong
- See Also:
  I_CmsPasswordHandler.digest(java.lang.String)

digest
public java.lang.String digest(java.lang.String password, java.lang.String digestType, java.lang.String inputEncoding) throws CmsPasswordEncryptionException
Description copied from interface: I_CmsPasswordHandler
Creates an OpenCms password digest.
- Specified by:
  digest in interface I_CmsPasswordHandler
- Parameters:
  password - the password to encrypt
  digestType - the algorithm used for encryption (i.e. MD5, SHA ...)
  inputEncoding - the encoding used when converting the password to bytes (i.e. UTF-8)
- Returns:
  the password digest
- Throws:
  CmsPasswordEncryptionException - if something goes wrong
- See Also:
  I_CmsPasswordHandler.digest(java.lang.String, java.lang.String, java.lang.String)

evaluatePasswordSecurity
public I_CmsPasswordSecurityEvaluator.SecurityLevel evaluatePasswordSecurity(java.lang.String password)
Description copied from interface: I_CmsPasswordSecurityEvaluator
Evaluates the given password security.
- Specified by:
  evaluatePasswordSecurity in interface I_CmsPasswordSecurityEvaluator
- Parameters:
  password - the password
- Returns:
  the security level as a number between 0 and 1, 0 meaning a low security and 1 a strong security
- See Also:
  I_CmsPasswordSecurityEvaluator.evaluatePasswordSecurity(java.lang.String)

getConfiguration
public CmsParameterConfiguration getConfiguration()
Description copied from interface: I_CmsConfigurationParameterHandler
Returns the parameters of this configurable class instance, or null if the class does not need any parameters.
- Specified by:
  getConfiguration in interface I_CmsConfigurationParameterHandler
- Returns:
  the parameters of this configurable class instance, or null if the class does not need any parameters
- See Also:
  I_CmsConfigurationParameterHandler.getConfiguration()

getDigestType
public java.lang.String getDigestType()
Returns the digestType.
- Specified by:
  getDigestType in interface I_CmsPasswordHandler
- Returns:
  the digestType

getInputEncoding
public java.lang.String getInputEncoding()
Returns the input encoding.
- Specified by:
  getInputEncoding in interface I_CmsPasswordHandler
- Returns:
  the input encoding

getPasswordSecurityHint
public java.lang.String getPasswordSecurityHint(java.util.Locale locale)
Description copied from interface: I_CmsPasswordSecurityEvaluator
Returns a hint describing how to set a secure password.
- Specified by:
  getPasswordSecurityHint in interface I_CmsPasswordSecurityEvaluator
- Parameters:
  locale - the locale
- Returns:
  the password security hint
- See Also:
  I_CmsPasswordSecurityEvaluator.getPasswordSecurityHint(java.util.Locale)

getRandomPassword
public java.lang.String getRandomPassword()
Description copied from interface: I_CmsPasswordGenerator
Returns random password.
- Specified by:
  getRandomPassword in interface I_CmsPasswordGenerator
- Returns:
- See Also:
  I_CmsPasswordGenerator.getRandomPassword()

initConfiguration
public void initConfiguration()
Description copied from interface: I_CmsConfigurationParameterHandler
Initializes a configuration after all parameters have been added.
- Specified by:
  initConfiguration in interface I_CmsConfigurationParameterHandler
- See Also:
  I_CmsConfigurationParameterHandler.initConfiguration()

setDigestType
public void setDigestType(java.lang.String digestType)
Sets the digestType.
- Specified by:
  setDigestType in interface I_CmsPasswordHandler
- Parameters:
  digestType - the digestType to set

setInputEncoding
public void setInputEncoding(java.lang.String inputEncoding)
Sets the input encoding.
- Specified by:
  setInputEncoding in interface I_CmsPasswordHandler
- Parameters:
  inputEncoding - the input encoding to set

validatePassword
public void validatePassword(java.lang.String password) throws CmsSecurityException
Description copied from interface: I_CmsPasswordHandler
This method checks if a new password follows the rules for new passwords, which are defined by a Class configured in the opencms.properties file.
If this method throws no exception the password is valid.
- Specified by:
  validatePassword in interface I_CmsPasswordHandler
- Parameters:
  password - the password to check
- Throws:
  CmsSecurityException - if validation of the password failed
- See Also:
  I_CmsPasswordHandler.validatePassword(java.lang.String)