Sha1CredentialsMatcher (Apache Shiro :: Core 1.0.0-incubating API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.shiro.authc.credential
Class Sha1CredentialsMatcher

java.lang.Object
  org.apache.shiro.codec.CodecSupport
      org.apache.shiro.authc.credential.SimpleCredentialsMatcher
          org.apache.shiro.authc.credential.HashedCredentialsMatcher
              org.apache.shiro.authc.credential.Sha1CredentialsMatcher

All Implemented Interfaces:: CredentialsMatcher

public class Sha1CredentialsMatcher
extends HashedCredentialsMatcher
extends HashedCredentialsMatcher

HashedCredentialsMatcher implementation that expects the stored AuthenticationInfo credentials to be SHA hashed.

Note: MD5 and SHA-1 algorithms are now known to be vulnerable to compromise and/or collisions (read the linked pages for more). While most applications are ok with either of these two, if your application mandates high security, use the SHA-256 (or higher) hashing algorithms and their supporting CredentialsMatcher implementations.

Since:: 0.9
Author:: Les Hazlewood

Field Summary

Fields inherited from class org.apache.shiro.codec.CodecSupport
`PREFERRED_ENCODING`

Constructor Summary
`Sha1CredentialsMatcher()`

Method Summary
`protected Hash`	`hashProvidedCredentials(Object credentials, Object salt, int hashIterations)` This implementation merely returns `new Sha1Hash(credentials,salt,hashIterations)`.
`protected AbstractHash`	`newHashInstance()` Creates a new uninitialized `Sha1Hash` instance, without it's byte array set.

Methods inherited from class org.apache.shiro.authc.credential.HashedCredentialsMatcher
`getCredentials, getCredentials, getHashIterations, getSalt, isHashSalted, isStoredCredentialsHexEncoded, setHashIterations, setHashSalted, setStoredCredentialsHexEncoded`

Methods inherited from class org.apache.shiro.authc.credential.SimpleCredentialsMatcher
`doCredentialsMatch, equals`

Methods inherited from class org.apache.shiro.codec.CodecSupport
`isByteSource, objectToBytes, objectToString, toBytes, toBytes, toBytes, toBytes, toBytes, toBytes, toBytes, toChars, toChars, toString, toString, toString`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

Sha1CredentialsMatcher

public Sha1CredentialsMatcher()

Method Detail

newHashInstance

protected AbstractHash newHashInstance()

Creates a new uninitialized Sha1Hash instance, without it's byte array set.

Specified by:: newHashInstance in class HashedCredentialsMatcher

Returns:: a new uninitialized Sha1Hash instance, without it's byte array set.

hashProvidedCredentials

protected Hash hashProvidedCredentials(Object credentials,
                                       Object salt,
                                       int hashIterations)

This implementation merely returns new Sha1Hash(credentials,salt,hashIterations).

Specified by:: hashProvidedCredentials in class HashedCredentialsMatcher

Parameters:: credentials - the submitted authentication token's credentials to hash; salt - the value to salt the hash, or null if a salt will not be used.; hashIterations - the number of times to hash the credentials. At least one hash will always occur though, even if this argument is 0 or negative.
Returns:: the hashed value of the provided credentials, according to the specified salt and hash iterations.