Interface I_CmsPasswordHandler

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      boolean checkPassword​(java.lang.String plainPassword, java.lang.String digestedPassword, boolean useFallback)
      This method checks if the given plain text password is equal to the given digested password.
      java.lang.String digest​(java.lang.String password)
      Creates an OpenCms password digest according to the default setting for method/encodings.
      java.lang.String digest​(java.lang.String password, java.lang.String digestType, java.lang.String inputEncoding)
      Creates an OpenCms password digest.
      java.lang.String getDigestType()
      Returns the default digest type.
      java.lang.String getInputEncoding()
      Returns the default password encoding.
      void setDigestType​(java.lang.String digestType)
      Sets the default digest type.
      void setInputEncoding​(java.lang.String inputEncoding)
      Sets the default input encoding.
      void validatePassword​(java.lang.String password)
      This method checks if a new password follows the rules for new passwords, which are defined by a Class configured in the opencms.properties file.
    • Method Detail

      • checkPassword

        boolean checkPassword​(java.lang.String plainPassword,
                              java.lang.String digestedPassword,
                              boolean useFallback)
        This method checks if the given plain text password is equal to the given digested password.

        Use this to check salted passwords. If the password is salted, it needs to be checked with the salt (and possible other parameters) stored in the digested password. Just digesting the password again and comparing the result to a previous digest won't work because the salt will usually be different.

        Parameters:
        plainPassword - the plain text password to check
        digestedPassword - the digested password to compare with the plain password
        useFallback - if true, then use a fall back hashing algorithm in case first validation fails
        Returns:
        false if the validation of the password failed
      • digest

        java.lang.String digest​(java.lang.String password)
                         throws CmsPasswordEncryptionException
        Creates an OpenCms password digest according to the default setting for method/encodings.

        Parameters:
        password - the password to encrypt
        Returns:
        the password digest
        Throws:
        CmsPasswordEncryptionException - if something goes wrong
      • digest

        java.lang.String digest​(java.lang.String password,
                                java.lang.String digestType,
                                java.lang.String inputEncoding)
                         throws CmsPasswordEncryptionException
        Creates an OpenCms password digest.

        Parameters:
        password - the password to encrypt
        digestType - the algorithm used for encryption (i.e. MD5, SHA ...)
        inputEncoding - the encoding used when converting the password to bytes (i.e. UTF-8)
        Returns:
        the password digest
        Throws:
        CmsPasswordEncryptionException - if something goes wrong
      • getDigestType

        java.lang.String getDigestType()
        Returns the default digest type.

        Returns:
        the default digest type
      • getInputEncoding

        java.lang.String getInputEncoding()
        Returns the default password encoding.

        Returns:
        the default password encoding
      • setDigestType

        void setDigestType​(java.lang.String digestType)
        Sets the default digest type.

        Parameters:
        digestType - the digest type used
      • setInputEncoding

        void setInputEncoding​(java.lang.String inputEncoding)
        Sets the default input encoding.

        Parameters:
        inputEncoding - the encoding used for translation the password string to bytes
      • validatePassword

        void validatePassword​(java.lang.String password)
                       throws CmsSecurityException
        This method checks if a new password follows the rules for new passwords, which are defined by a Class configured in the opencms.properties file.

        If this method throws no exception the password is valid.

        Parameters:
        password - the password to check
        Throws:
        CmsSecurityException - if validation of the password failed