Package org.opencms.security
Interface I_CmsPasswordHandler
-
- All Superinterfaces:
I_CmsConfigurationParameterHandler
- All Known Implementing Classes:
CmsAdvancedPasswordHandler
,CmsDefaultPasswordHandler
public interface I_CmsPasswordHandler extends I_CmsConfigurationParameterHandler
Defines methods for OpenCms password validation.- Since:
- 6.0.0
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
CONVERT_DIGEST_ENCODING
Flag for conversion of the password encoding.static java.lang.String
DIGEST_TYPE_MD5
String to identify the key value for md5 password hashes.static java.lang.String
DIGEST_TYPE_PLAIN
String to identify the key value for unhashed passwords.static java.lang.String
DIGEST_TYPE_SCRYPT
String to identify the key value for SCrypt password hashes.static java.lang.String
DIGEST_TYPE_SHA
String to identify the key value for sha password hashes.static java.lang.String
DIGEST_TYPE_SSHA
String to identify the key value for sha password hashes with 4 byte salt.-
Fields inherited from interface org.opencms.configuration.I_CmsConfigurationParameterHandler
ADD_PARAMETER_METHOD, INIT_CONFIGURATION_METHOD
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description boolean
checkPassword(java.lang.String plainPassword, java.lang.String digestedPassword, boolean useFallback)
This method checks if the given plain text password is equal to the given digested password.java.lang.String
digest(java.lang.String password)
Creates an OpenCms password digest according to the default setting for method/encodings.java.lang.String
digest(java.lang.String password, java.lang.String digestType, java.lang.String inputEncoding)
Creates an OpenCms password digest.java.lang.String
getDigestType()
Returns the default digest type.java.lang.String
getInputEncoding()
Returns the default password encoding.void
setDigestType(java.lang.String digestType)
Sets the default digest type.void
setInputEncoding(java.lang.String inputEncoding)
Sets the default input encoding.void
validatePassword(java.lang.String password)
This method checks if a new password follows the rules for new passwords, which are defined by a Class configured in the opencms.properties file.-
Methods inherited from interface org.opencms.configuration.I_CmsConfigurationParameterHandler
addConfigurationParameter, getConfiguration, initConfiguration
-
-
-
-
Field Detail
-
CONVERT_DIGEST_ENCODING
static final java.lang.String CONVERT_DIGEST_ENCODING
Flag for conversion of the password encoding.- See Also:
- Constant Field Values
-
DIGEST_TYPE_MD5
static final java.lang.String DIGEST_TYPE_MD5
String to identify the key value for md5 password hashes.- See Also:
- Constant Field Values
-
DIGEST_TYPE_PLAIN
static final java.lang.String DIGEST_TYPE_PLAIN
String to identify the key value for unhashed passwords.- See Also:
- Constant Field Values
-
DIGEST_TYPE_SHA
static final java.lang.String DIGEST_TYPE_SHA
String to identify the key value for sha password hashes.- See Also:
- Constant Field Values
-
DIGEST_TYPE_SSHA
static final java.lang.String DIGEST_TYPE_SSHA
String to identify the key value for sha password hashes with 4 byte salt.- See Also:
- Constant Field Values
-
DIGEST_TYPE_SCRYPT
static final java.lang.String DIGEST_TYPE_SCRYPT
String to identify the key value for SCrypt password hashes.- See Also:
- Constant Field Values
-
-
Method Detail
-
checkPassword
boolean checkPassword(java.lang.String plainPassword, java.lang.String digestedPassword, boolean useFallback)
This method checks if the given plain text password is equal to the given digested password.Use this to check salted passwords. If the password is salted, it needs to be checked with the salt (and possible other parameters) stored in the digested password. Just digesting the password again and comparing the result to a previous digest won't work because the salt will usually be different.
- Parameters:
plainPassword
- the plain text password to checkdigestedPassword
- the digested password to compare with the plain passworduseFallback
- iftrue
, then use a fall back hashing algorithm in case first validation fails- Returns:
false
if the validation of the password failed
-
digest
java.lang.String digest(java.lang.String password) throws CmsPasswordEncryptionException
Creates an OpenCms password digest according to the default setting for method/encodings.- Parameters:
password
- the password to encrypt- Returns:
- the password digest
- Throws:
CmsPasswordEncryptionException
- if something goes wrong
-
digest
java.lang.String digest(java.lang.String password, java.lang.String digestType, java.lang.String inputEncoding) throws CmsPasswordEncryptionException
Creates an OpenCms password digest.- Parameters:
password
- the password to encryptdigestType
- the algorithm used for encryption (i.e. MD5, SHA ...)inputEncoding
- the encoding used when converting the password to bytes (i.e. UTF-8)- Returns:
- the password digest
- Throws:
CmsPasswordEncryptionException
- if something goes wrong
-
getDigestType
java.lang.String getDigestType()
Returns the default digest type.- Returns:
- the default digest type
-
getInputEncoding
java.lang.String getInputEncoding()
Returns the default password encoding.- Returns:
- the default password encoding
-
setDigestType
void setDigestType(java.lang.String digestType)
Sets the default digest type.- Parameters:
digestType
- the digest type used
-
setInputEncoding
void setInputEncoding(java.lang.String inputEncoding)
Sets the default input encoding.- Parameters:
inputEncoding
- the encoding used for translation the password string to bytes
-
validatePassword
void validatePassword(java.lang.String password) throws CmsSecurityException
This method checks if a new password follows the rules for new passwords, which are defined by a Class configured in the opencms.properties file.If this method throws no exception the password is valid.
- Parameters:
password
- the password to check- Throws:
CmsSecurityException
- if validation of the password failed
-
-