Package org.opencms.security

Interface I_CmsPasswordHandler

All Superinterfaces:
I_CmsConfigurationParameterHandler
All Known Implementing Classes:
CmsAdvancedPasswordHandler, CmsDefaultPasswordHandler
public interface I_CmsPasswordHandler extends I_CmsConfigurationParameterHandler
Defines methods for OpenCms password validation.

Since:
6.0.0

  • Field Details

  • Method Details

    • checkPassword

      boolean checkPassword(String plainPassword, String digestedPassword, boolean useFallback)
      This method checks if the given plain text password is equal to the given digested password.

      Use this to check salted passwords. If the password is salted, it needs to be checked with the salt (and possible other parameters) stored in the digested password. Just digesting the password again and comparing the result to a previous digest won't work because the salt will usually be different.

      Parameters:
      plainPassword - the plain text password to check
      digestedPassword - the digested password to compare with the plain password
      useFallback - if true, then use a fall back hashing algorithm in case first validation fails
      Returns:
      false if the validation of the password failed

    • digest

      String digest(String password) throws CmsPasswordEncryptionException
      Creates an OpenCms password digest according to the default setting for method/encodings.

      Parameters:
      password - the password to encrypt
      Returns:
      the password digest
      Throws:
      CmsPasswordEncryptionException - if something goes wrong

    • digest

      String digest(String password, String digestType, String inputEncoding) throws CmsPasswordEncryptionException
      Creates an OpenCms password digest.

      Parameters:
      password - the password to encrypt
      digestType - the algorithm used for encryption (i.e. MD5, SHA ...)
      inputEncoding - the encoding used when converting the password to bytes (i.e. UTF-8)
      Returns:
      the password digest
      Throws:
      CmsPasswordEncryptionException - if something goes wrong

    • getDigestType

      String getDigestType()
      Returns the default digest type.

      Returns:
      the default digest type

    • getInputEncoding

      String getInputEncoding()
      Returns the default password encoding.

      Returns:
      the default password encoding

    • setDigestType

      void setDigestType(String digestType)
      Sets the default digest type.

      Parameters:
      digestType - the digest type used

    • setInputEncoding

      void setInputEncoding(String inputEncoding)
      Sets the default input encoding.

      Parameters:
      inputEncoding - the encoding used for translation the password string to bytes

    • validatePassword

      void validatePassword(String password) throws CmsSecurityException
      This method checks if a new password follows the rules for new passwords, which are defined by a Class configured in the opencms.properties file.

      If this method throws no exception the password is valid.

      Parameters:
      password - the password to check
      Throws:
      CmsSecurityException - if validation of the password failed