| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> |
| <!--NewPage--> |
| <HTML> |
| <HEAD> |
| <!-- Generated by javadoc (build 1.6.0_65) on Tue Feb 25 18:15:45 EST 2014 --> |
| <META http-equiv="Content-Type" content="text/html; charset=UTF-8"> |
| <TITLE> |
| HashedCredentialsMatcher (Apache Shiro 1.2.3 API) |
| </TITLE> |
| |
| <META NAME="date" CONTENT="2014-02-25"> |
| |
| <LINK REL ="stylesheet" TYPE="text/css" HREF="../../../../../stylesheet.css" TITLE="Style"> |
| |
| <SCRIPT type="text/javascript"> |
| function windowTitle() |
| { |
| if (location.href.indexOf('is-external=true') == -1) { |
| parent.document.title="HashedCredentialsMatcher (Apache Shiro 1.2.3 API)"; |
| } |
| } |
| </SCRIPT> |
| <NOSCRIPT> |
| </NOSCRIPT> |
| |
| </HEAD> |
| |
| <BODY BGCOLOR="white" onload="windowTitle();"> |
| <HR> |
| |
| |
| <!-- ========= START OF TOP NAVBAR ======= --> |
| <A NAME="navbar_top"><!-- --></A> |
| <A HREF="#skip-navbar_top" title="Skip navigation links"></A> |
| <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY=""> |
| <TR> |
| <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> |
| <A NAME="navbar_top_firstrow"><!-- --></A> |
| <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY=""> |
| <TR ALIGN="center" VALIGN="top"> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD> |
| <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> <FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/HashedCredentialsMatcher.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A> </TD> |
| </TR> |
| </TABLE> |
| </TD> |
| <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM> |
| </EM> |
| </TD> |
| </TR> |
| |
| <TR> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../../../../../org/apache/shiro/authc/credential/DefaultPasswordService.html" title="class in org.apache.shiro.authc.credential"><B>PREV CLASS</B></A> |
| <A HREF="../../../../../org/apache/shiro/authc/credential/HashingPasswordService.html" title="interface in org.apache.shiro.authc.credential"><B>NEXT CLASS</B></A></FONT></TD> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../../../../../index.html?org/apache/shiro/authc/credential/HashedCredentialsMatcher.html" target="_top"><B>FRAMES</B></A> |
| <A HREF="HashedCredentialsMatcher.html" target="_top"><B>NO FRAMES</B></A> |
| <SCRIPT type="text/javascript"> |
| <!-- |
| if(window==top) { |
| document.writeln('<A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A>'); |
| } |
| //--> |
| </SCRIPT> |
| <NOSCRIPT> |
| <A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A> |
| </NOSCRIPT> |
| |
| |
| </FONT></TD> |
| </TR> |
| <TR> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| SUMMARY: NESTED | <A HREF="#fields_inherited_from_class_org.apache.shiro.codec.CodecSupport">FIELD</A> | <A HREF="#constructor_summary">CONSTR</A> | <A HREF="#method_summary">METHOD</A></FONT></TD> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| DETAIL: FIELD | <A HREF="#constructor_detail">CONSTR</A> | <A HREF="#method_detail">METHOD</A></FONT></TD> |
| </TR> |
| </TABLE> |
| <A NAME="skip-navbar_top"></A> |
| <!-- ========= END OF TOP NAVBAR ========= --> |
| |
| <HR> |
| <!-- ======== START OF CLASS DATA ======== --> |
| <H2> |
| <FONT SIZE="-1"> |
| org.apache.shiro.authc.credential</FONT> |
| <BR> |
| Class HashedCredentialsMatcher</H2> |
| <PRE> |
| <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</A> |
| <IMG SRC="../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html" title="class in org.apache.shiro.codec">org.apache.shiro.codec.CodecSupport</A> |
| <IMG SRC="../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">org.apache.shiro.authc.credential.SimpleCredentialsMatcher</A> |
| <IMG SRC="../../../../../resources/inherit.gif" ALT="extended by "><B>org.apache.shiro.authc.credential.HashedCredentialsMatcher</B> |
| </PRE> |
| <DL> |
| <DT><B>All Implemented Interfaces:</B> <DD><A HREF="../../../../../org/apache/shiro/authc/credential/CredentialsMatcher.html" title="interface in org.apache.shiro.authc.credential">CredentialsMatcher</A></DD> |
| </DL> |
| <DL> |
| <DT><B>Direct Known Subclasses:</B> <DD><A HREF="../../../../../org/apache/shiro/authc/credential/Md2CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">Md2CredentialsMatcher</A>, <A HREF="../../../../../org/apache/shiro/authc/credential/Md5CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">Md5CredentialsMatcher</A>, <A HREF="../../../../../org/apache/shiro/authc/credential/Sha1CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">Sha1CredentialsMatcher</A>, <A HREF="../../../../../org/apache/shiro/authc/credential/Sha256CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">Sha256CredentialsMatcher</A>, <A HREF="../../../../../org/apache/shiro/authc/credential/Sha384CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">Sha384CredentialsMatcher</A>, <A HREF="../../../../../org/apache/shiro/authc/credential/Sha512CredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">Sha512CredentialsMatcher</A></DD> |
| </DL> |
| <HR> |
| <DL> |
| <DT><PRE>public class <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.120"><B>HashedCredentialsMatcher</B></A><DT>extends <A HREF="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">SimpleCredentialsMatcher</A></DL> |
| </PRE> |
| |
| <P> |
| A <code>HashedCredentialMatcher</code> provides support for hashing of supplied <code>AuthenticationToken</code> credentials |
| before being compared to those in the <code>AuthenticationInfo</code> from the data store. |
| <p/> |
| Credential hashing is one of the most common security techniques when safeguarding a user's private credentials |
| (passwords, keys, etc). Most developers never want to store their users' credentials in plain form, viewable by |
| anyone, so they often hash the users' credentials before they are saved in the data store. |
| <p/> |
| This class (and its subclasses) function as follows: |
| <ol> |
| <li>Hash the <code>AuthenticationToken</code> credentials supplied by the user during their login.</li> |
| <li>Compare this hashed value directly with the <code>AuthenticationInfo</code> credentials stored in the system |
| (the stored account credentials are expected to already be in hashed form).</li> |
| <li>If these two values are <A HREF="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#equals(java.lang.Object, java.lang.Object)"><CODE>equal</CODE></A>, the submitted credentials match, otherwise |
| they do not.</li> |
| </ol> |
| <h2>Salting and Multiple Hash Iterations</h2> |
| Because simple hashing is usually not good enough for secure applications, this class also supports 'salting' |
| and multiple hash iterations. Please read this excellent |
| <a href="http://www.owasp.org/index.php/Hashing_Java" _target="blank">Hashing Java article</a> to learn about |
| salting and multiple iterations and why you might want to use them. (Note of sections 5 |
| "Why add salt?" and 6 "Hardening against the attacker's attack"). We should also note here that all of |
| Shiro's Hash implementations (for example, <A HREF="../../../../../org/apache/shiro/crypto/hash/Md5Hash.html" title="class in org.apache.shiro.crypto.hash"><CODE>Md5Hash</CODE></A>, |
| <A HREF="../../../../../org/apache/shiro/crypto/hash/Sha1Hash.html" title="class in org.apache.shiro.crypto.hash"><CODE>Sha1Hash</CODE></A>, etc) support salting and multiple hash iterations via |
| overloaded constructors. |
| <h4>Real World Case Study</h4> |
| In April 2010, some public Atlassian Jira and Confluence |
| installations (Apache Software Foundation, Codehaus, etc) were the target of account attacks and user accounts |
| were compromised. The reason? Jira and Confluence at the time did not salt user passwords and attackers were |
| able to use dictionary attacks to compromise user accounts (Atlassian has since |
| <a href="http://blogs.atlassian.com/news/2010/04/oh_man_what_a_day_an_update_on_our_security_breach.html"> |
| fixed the problem</a> of course). |
| <p/> |
| The lesson? |
| <p/> |
| <b>ALWAYS, ALWAYS, ALWAYS SALT USER PASSWORDS!</b> |
| <p/> |
| <h3>Salting</h3> |
| Prior to Shiro 1.1, salts could be obtained based on the end-user submitted |
| <A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationToken</CODE></A> via the now-deprecated |
| <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)"><CODE>getSalt(AuthenticationToken)</CODE></A> method. This however |
| could constitute a security hole since ideally salts should never be obtained based on what a user can submit. |
| User-submitted salt mechanisms are <em>much</em> more susceptible to dictionary attacks and <b>SHOULD NOT</b> be |
| used in secure systems. Instead salts should ideally be a secure randomly-generated number that is generated when |
| the user account is created. The secure number should never be disseminated to the user and always kept private |
| by the application. |
| <h4>Shiro 1.1</h4> |
| As of Shiro 1.1, it is expected that any salt used to hash the submitted credentials will be obtained from the |
| stored account information (represented as an <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> instance). This is much |
| more secure because the salt value remains private to the application (Shiro will never store this value). |
| <p/> |
| To enable this, <code>Realm</code>s should return <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> instances |
| during authentication. <code>HashedCredentialsMatcher</code> implementations will then use the provided |
| <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><CODE>credentialsSalt</CODE></A> for hashing. To avoid |
| security risks, |
| <b>it is highly recommended that any existing <code>Realm</code> implementations that support hashed credentials are |
| updated to return <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> instances as soon as possible</b>. |
| <h4>Shiro 1.0 Backwards Compatibility</h4> |
| Because of the identified security risk, <code>Realm</code> implementations that support credentials hashing should |
| be updated to return <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> instances as |
| soon as possible. |
| <p/> |
| If this is not possible for some reason, this class will retain 1.0 backwards-compatible behavior of obtaining |
| the salt via the now-deprecated <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)"><CODE>getSalt(AuthenticationToken)</CODE></A> method. This |
| method will only be invoked if a <code>Realm</code> <em>does not</em> return |
| <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAutenticationInfo</CODE></A> instances and <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#isHashSalted()"><CODE>hashSalted</CODE></A> is |
| <code>true</code>. |
| But please note that the <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#isHashSalted()"><CODE>hashSalted</CODE></A> property and the |
| <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)"><CODE>getSalt(AuthenticationToken)</CODE></A> methods will be removed before the Shiro 2.0 |
| release. |
| <h3>Multiple Hash Iterations</h3> |
| If you hash your users' credentials multiple times before persisting to the data store, you will also need to |
| set this class's <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#setHashIterations(int)"><CODE>hashIterations</CODE></A> property. See the |
| <a href="http://www.owasp.org/index.php/Hashing_Java" _target="blank">Hashing Java article</a>'s |
| <a href="http://www.owasp.org/index.php/Hashing_Java#Hardening_against_the_attacker.27s_attack"> |
| "Hardening against the attacker's attack"</a> section to learn more about why you might want to use |
| multiple hash iterations. |
| <h2>MD5 & SHA-1 Notice</h2> |
| <a href="http://en.wikipedia.org/wiki/MD5">MD5</a> and |
| <a href="http://en.wikipedia.org/wiki/SHA_hash_functions">SHA-1</a> algorithms are now known to be vulnerable to |
| compromise and/or collisions (read the linked pages for more). While most applications are ok with either of these |
| two, if your application mandates high security, use the SHA-256 (or higher) hashing algorithms and their |
| supporting <code>CredentialsMatcher</code> implementations. |
| <P> |
| |
| <P> |
| <DL> |
| <DT><B>Since:</B></DT> |
| <DD>0.9</DD> |
| <DT><B>See Also:</B><DD><A HREF="../../../../../org/apache/shiro/crypto/hash/Md5Hash.html" title="class in org.apache.shiro.crypto.hash"><CODE>Md5Hash</CODE></A>, |
| <A HREF="../../../../../org/apache/shiro/crypto/hash/Sha1Hash.html" title="class in org.apache.shiro.crypto.hash"><CODE>Sha1Hash</CODE></A>, |
| <A HREF="../../../../../org/apache/shiro/crypto/hash/Sha256Hash.html" title="class in org.apache.shiro.crypto.hash"><CODE>Sha256Hash</CODE></A></DL> |
| <HR> |
| |
| <P> |
| <!-- =========== FIELD SUMMARY =========== --> |
| |
| <A NAME="field_summary"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> |
| <B>Field Summary</B></FONT></TH> |
| </TR> |
| </TABLE> |
| <A NAME="fields_inherited_from_class_org.apache.shiro.codec.CodecSupport"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor"> |
| <TH ALIGN="left"><B>Fields inherited from class org.apache.shiro.codec.<A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html" title="class in org.apache.shiro.codec">CodecSupport</A></B></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#PREFERRED_ENCODING">PREFERRED_ENCODING</A></CODE></TD> |
| </TR> |
| </TABLE> |
| |
| <!-- ======== CONSTRUCTOR SUMMARY ======== --> |
| |
| <A NAME="constructor_summary"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> |
| <B>Constructor Summary</B></FONT></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#HashedCredentialsMatcher()">HashedCredentialsMatcher</A></B>()</CODE> |
| |
| <BR> |
| JavaBeans-compatibile no-arg constructor intended for use in IoC/Dependency Injection environments.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#HashedCredentialsMatcher(java.lang.String)">HashedCredentialsMatcher</A></B>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> hashAlgorithmName)</CODE> |
| |
| <BR> |
| Creates an instance using the specified <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getHashAlgorithmName()"><CODE>hashAlgorithmName</CODE></A> to hash submitted |
| credentials.</TD> |
| </TR> |
| </TABLE> |
| |
| <!-- ========== METHOD SUMMARY =========== --> |
| |
| <A NAME="method_summary"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> |
| <B>Method Summary</B></FONT></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> boolean</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#doCredentialsMatch(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)">doCredentialsMatch</A></B>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token, |
| <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A> info)</CODE> |
| |
| <BR> |
| This implementation first hashes the <code>token</code>'s credentials, potentially using a |
| <code>salt</code> if the <code>info</code> argument is a |
| <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A>.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getCredentials(org.apache.shiro.authc.AuthenticationInfo)">getCredentials</A></B>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A> info)</CODE> |
| |
| <BR> |
| Returns a <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash"><CODE>Hash</CODE></A> instance representing the already-hashed AuthenticationInfo credentials stored in the system.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getHashAlgorithmName()">getHashAlgorithmName</A></B>()</CODE> |
| |
| <BR> |
| Returns the <code>Hash</code> <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><CODE>algorithmName</CODE></A> to use |
| when performing hashes for credentials matching.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> int</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getHashIterations()">getHashIterations</A></B>()</CODE> |
| |
| <BR> |
| Returns the number of times a submitted <code>AuthenticationToken</code>'s credentials will be hashed before |
| comparing to the credentials stored in the system.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)">getSalt</A></B>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token)</CODE> |
| |
| <BR> |
| <B>Deprecated.</B> <I>since Shiro 1.1. Hash salting is now expected to be based on if the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> |
| returned from the <code>Realm</code> is a <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> instance and its |
| <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><CODE>getCredentialsSalt()</CODE></A> method returns a non-null value. |
| This method and the 1.0 behavior still exists for backwards compatibility if the <code>Realm</code> does not return |
| <code>SaltedAuthenticationInfo</code> instances, but <b>it is highly recommended that <code>Realm</code> implementations |
| that support hashed credentials start returning <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> |
| instances as soon as possible</b>.<p/> |
| This is because salts should always be obtained from the stored account information and |
| never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for |
| attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user |
| are almost impossible to break. This method will be removed in Shiro 2.0.</I></TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#hashProvidedCredentials(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)">hashProvidedCredentials</A></B>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token, |
| <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A> info)</CODE> |
| |
| <BR> |
| Hash the provided <code>token</code>'s credentials using the salt stored with the account if the |
| <code>info</code> instance is an <code>instanceof</code> <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> (see |
| the class-level JavaDoc for why this is the preferred approach).</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash">Hash</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#hashProvidedCredentials(java.lang.Object, java.lang.Object, int)">hashProvidedCredentials</A></B>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> credentials, |
| <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> salt, |
| int hashIterations)</CODE> |
| |
| <BR> |
| Hashes the provided credentials a total of <code>hashIterations</code> times, using the given salt.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> boolean</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#isHashSalted()">isHashSalted</A></B>()</CODE> |
| |
| <BR> |
| <B>Deprecated.</B> <I>since Shiro 1.1. Hash salting is now expected to be based on if the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> |
| returned from the <code>Realm</code> is a <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> instance and its |
| <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><CODE>getCredentialsSalt()</CODE></A> method returns a non-null value. |
| This method and the 1.0 behavior still exists for backwards compatibility if the <code>Realm</code> does not return |
| <code>SaltedAuthenticationInfo</code> instances, but <b>it is highly recommended that <code>Realm</code> implementations |
| that support hashed credentials start returning <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> |
| instances as soon as possible</b>. |
| <p/> |
| This is because salts should always be obtained from the stored account information and |
| never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for |
| attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user |
| are almost impossible to break. This method will be removed in Shiro 2.0.</I></TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> boolean</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#isStoredCredentialsHexEncoded()">isStoredCredentialsHexEncoded</A></B>()</CODE> |
| |
| <BR> |
| Returns <code>true</code> if the system's stored credential hash is Hex encoded, <code>false</code> if it |
| is Base64 encoded.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE>protected <A HREF="../../../../../org/apache/shiro/crypto/hash/AbstractHash.html" title="class in org.apache.shiro.crypto.hash">AbstractHash</A></CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#newHashInstance()">newHashInstance</A></B>()</CODE> |
| |
| <BR> |
| Returns a new, <em>uninitialized</em> instance, without its byte array set.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> void</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#setHashAlgorithmName(java.lang.String)">setHashAlgorithmName</A></B>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> hashAlgorithmName)</CODE> |
| |
| <BR> |
| Sets the <code>Hash</code> <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><CODE>algorithmName</CODE></A> to use |
| when performing hashes for credentials matching.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> void</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#setHashIterations(int)">setHashIterations</A></B>(int hashIterations)</CODE> |
| |
| <BR> |
| Sets the number of times a submitted <code>AuthenticationToken</code>'s credentials will be hashed before comparing |
| to the credentials stored in the system.</TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> void</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#setHashSalted(boolean)">setHashSalted</A></B>(boolean hashSalted)</CODE> |
| |
| <BR> |
| <B>Deprecated.</B> <I>since Shiro 1.1. Hash salting is now expected to be based on if the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> |
| returned from the <code>Realm</code> is a <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> instance and its |
| <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><CODE>getCredentialsSalt()</CODE></A> method returns a non-null value. |
| This method and the 1.0 behavior still exists for backwards compatibility if the <code>Realm</code> does not return |
| <code>SaltedAuthenticationInfo</code> instances, but <b>it is highly recommended that <code>Realm</code> implementations |
| that support hashed credentials start returning <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> |
| instances as soon as possible</b>. |
| <p/> |
| This is because salts should always be obtained from the stored account information and |
| never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for |
| attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user |
| are almost impossible to break. This method will be removed in Shiro 2.0.</I></TD> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> |
| <CODE> void</CODE></FONT></TD> |
| <TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#setStoredCredentialsHexEncoded(boolean)">setStoredCredentialsHexEncoded</A></B>(boolean storedCredentialsHexEncoded)</CODE> |
| |
| <BR> |
| Sets the indicator if this system's stored credential hash is Hex encoded or not.</TD> |
| </TR> |
| </TABLE> |
| <A NAME="methods_inherited_from_class_org.apache.shiro.authc.credential.SimpleCredentialsMatcher"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor"> |
| <TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.authc.credential.<A HREF="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">SimpleCredentialsMatcher</A></B></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><A HREF="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#equals(java.lang.Object, java.lang.Object)">equals</A>, <A HREF="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#getCredentials(org.apache.shiro.authc.AuthenticationToken)">getCredentials</A></CODE></TD> |
| </TR> |
| </TABLE> |
| <A NAME="methods_inherited_from_class_org.apache.shiro.codec.CodecSupport"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor"> |
| <TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.codec.<A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html" title="class in org.apache.shiro.codec">CodecSupport</A></B></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#isByteSource(java.lang.Object)">isByteSource</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#objectToBytes(java.lang.Object)">objectToBytes</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#objectToString(java.lang.Object)">objectToString</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(char[])">toBytes</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(char[], java.lang.String)">toBytes</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(java.io.File)">toBytes</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(java.io.InputStream)">toBytes</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(java.lang.Object)">toBytes</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(java.lang.String)">toBytes</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(java.lang.String, java.lang.String)">toBytes</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#toChars(byte[])">toChars</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#toChars(byte[], java.lang.String)">toChars</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#toString(byte[])">toString</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#toString(byte[], java.lang.String)">toString</A>, <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#toString(java.lang.Object)">toString</A></CODE></TD> |
| </TR> |
| </TABLE> |
| <A NAME="methods_inherited_from_class_java.lang.Object"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor"> |
| <TH ALIGN="left"><B>Methods inherited from class java.lang.<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></B></TH> |
| </TR> |
| <TR BGCOLOR="white" CLASS="TableRowColor"> |
| <TD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#clone()" title="class or interface in java.lang">clone</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#equals(java.lang.Object)" title="class or interface in java.lang">equals</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#finalize()" title="class or interface in java.lang">finalize</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#getClass()" title="class or interface in java.lang">getClass</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#hashCode()" title="class or interface in java.lang">hashCode</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notify()" title="class or interface in java.lang">notify</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notifyAll()" title="class or interface in java.lang">notifyAll</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#toString()" title="class or interface in java.lang">toString</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait()" title="class or interface in java.lang">wait</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long)" title="class or interface in java.lang">wait</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long, int)" title="class or interface in java.lang">wait</A></CODE></TD> |
| </TR> |
| </TABLE> |
| |
| <P> |
| |
| <!-- ========= CONSTRUCTOR DETAIL ======== --> |
| |
| <A NAME="constructor_detail"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2"> |
| <B>Constructor Detail</B></FONT></TH> |
| </TR> |
| </TABLE> |
| |
| <A NAME="HashedCredentialsMatcher()"><!-- --></A><H3> |
| HashedCredentialsMatcher</H3> |
| <PRE> |
| public <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.135"><B>HashedCredentialsMatcher</B></A>()</PRE> |
| <DL> |
| <DD>JavaBeans-compatibile no-arg constructor intended for use in IoC/Dependency Injection environments. If you |
| use this constructor, you <em>MUST</em> also additionally set the |
| <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#setHashAlgorithmName(java.lang.String)"><CODE>hashAlgorithmName</CODE></A> property. |
| <P> |
| </DL> |
| <HR> |
| |
| <A NAME="HashedCredentialsMatcher(java.lang.String)"><!-- --></A><H3> |
| HashedCredentialsMatcher</H3> |
| <PRE> |
| public <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.149"><B>HashedCredentialsMatcher</B></A>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> hashAlgorithmName)</PRE> |
| <DL> |
| <DD>Creates an instance using the specified <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getHashAlgorithmName()"><CODE>hashAlgorithmName</CODE></A> to hash submitted |
| credentials. |
| <P> |
| <DL> |
| <DT><B>Parameters:</B><DD><CODE>hashAlgorithmName</CODE> - the <code>Hash</code> <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><CODE>algorithmName</CODE></A> |
| to use when performing hashes for credentials matching.<DT><B>Since:</B></DT> |
| <DD>1.1</DD> |
| </DL> |
| </DL> |
| |
| <!-- ============ METHOD DETAIL ========== --> |
| |
| <A NAME="method_detail"><!-- --></A> |
| <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> |
| <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> |
| <TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2"> |
| <B>Method Detail</B></FONT></TH> |
| </TR> |
| </TABLE> |
| |
| <A NAME="getHashAlgorithmName()"><!-- --></A><H3> |
| getHashAlgorithmName</H3> |
| <PRE> |
| public <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.165"><B>getHashAlgorithmName</B></A>()</PRE> |
| <DL> |
| <DD>Returns the <code>Hash</code> <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><CODE>algorithmName</CODE></A> to use |
| when performing hashes for credentials matching. |
| <P> |
| <DD><DL> |
| |
| <DT><B>Returns:</B><DD>the <code>Hash</code> <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><CODE>algorithmName</CODE></A> to use |
| when performing hashes for credentials matching.<DT><B>Since:</B></DT> |
| <DD>1.1</DD> |
| </DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="setHashAlgorithmName(java.lang.String)"><!-- --></A><H3> |
| setHashAlgorithmName</H3> |
| <PRE> |
| public void <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.177"><B>setHashAlgorithmName</B></A>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> hashAlgorithmName)</PRE> |
| <DL> |
| <DD>Sets the <code>Hash</code> <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><CODE>algorithmName</CODE></A> to use |
| when performing hashes for credentials matching. |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>hashAlgorithmName</CODE> - the <code>Hash</code> <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html#getAlgorithmName()"><CODE>algorithmName</CODE></A> |
| to use when performing hashes for credentials matching.<DT><B>Since:</B></DT> |
| <DD>1.1</DD> |
| </DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="isStoredCredentialsHexEncoded()"><!-- --></A><H3> |
| isStoredCredentialsHexEncoded</H3> |
| <PRE> |
| public boolean <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.192"><B>isStoredCredentialsHexEncoded</B></A>()</PRE> |
| <DL> |
| <DD>Returns <code>true</code> if the system's stored credential hash is Hex encoded, <code>false</code> if it |
| is Base64 encoded. |
| <p/> |
| Default value is <code>true</code> for convenience - all of Shiro's <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash"><CODE>Hash#toString()</CODE></A> |
| implementations return Hex encoded values by default, making this class's use with those implementations |
| easier. |
| <P> |
| <DD><DL> |
| |
| <DT><B>Returns:</B><DD><code>true</code> if the system's stored credential hash is Hex encoded, <code>false</code> if it |
| is Base64 encoded. Default is <code>true</code></DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="setStoredCredentialsHexEncoded(boolean)"><!-- --></A><H3> |
| setStoredCredentialsHexEncoded</H3> |
| <PRE> |
| public void <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.209"><B>setStoredCredentialsHexEncoded</B></A>(boolean storedCredentialsHexEncoded)</PRE> |
| <DL> |
| <DD>Sets the indicator if this system's stored credential hash is Hex encoded or not. |
| <p/> |
| A value of <code>true</code> will cause this class to decode the system credential from Hex, a |
| value of <code>false</code> will cause this class to decode the system credential from Base64. |
| <p/> |
| Unless overridden via this method, the default value is <code>true</code> for convenience - all of Shiro's |
| <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash"><CODE>Hash#toString()</CODE></A> implementations return Hex encoded values by default, making this class's use with |
| those implementations easier. |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>storedCredentialsHexEncoded</CODE> - the indicator if this system's stored credential hash is Hex |
| encoded or not ('not' automatically implying it is Base64 encoded).</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="isHashSalted()"><!-- --></A><H3> |
| isHashSalted</H3> |
| <PRE> |
| <FONT SIZE="-1"><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Deprecated.html?is-external=true" title="class or interface in java.lang">@Deprecated</A> |
| </FONT>public boolean <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.237"><B>isHashSalted</B></A>()</PRE> |
| <DL> |
| <DD><B>Deprecated.</B> <I>since Shiro 1.1. Hash salting is now expected to be based on if the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> |
| returned from the <code>Realm</code> is a <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> instance and its |
| <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><CODE>getCredentialsSalt()</CODE></A> method returns a non-null value. |
| This method and the 1.0 behavior still exists for backwards compatibility if the <code>Realm</code> does not return |
| <code>SaltedAuthenticationInfo</code> instances, but <b>it is highly recommended that <code>Realm</code> implementations |
| that support hashed credentials start returning <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> |
| instances as soon as possible</b>. |
| <p/> |
| This is because salts should always be obtained from the stored account information and |
| never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for |
| attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user |
| are almost impossible to break. This method will be removed in Shiro 2.0.</I> |
| <P> |
| <DD>Returns <code>true</code> if a submitted <code>AuthenticationToken</code>'s credentials should be salted when hashing, |
| <code>false</code> if it should not be salted. |
| <p/> |
| If enabled, the salt used will be obtained via the <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)"><CODE>getSalt</CODE></A> method. |
| <p/> |
| The default value is <code>false</code>. |
| <P> |
| <DD><DL> |
| |
| <DT><B>Returns:</B><DD><code>true</code> if a submitted <code>AuthenticationToken</code>'s credentials should be salted when hashing, |
| <code>false</code> if it should not be salted.</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="setHashSalted(boolean)"><!-- --></A><H3> |
| setHashSalted</H3> |
| <PRE> |
| <FONT SIZE="-1"><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Deprecated.html?is-external=true" title="class or interface in java.lang">@Deprecated</A> |
| </FONT>public void <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.263"><B>setHashSalted</B></A>(boolean hashSalted)</PRE> |
| <DL> |
| <DD><B>Deprecated.</B> <I>since Shiro 1.1. Hash salting is now expected to be based on if the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> |
| returned from the <code>Realm</code> is a <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> instance and its |
| <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><CODE>getCredentialsSalt()</CODE></A> method returns a non-null value. |
| This method and the 1.0 behavior still exists for backwards compatibility if the <code>Realm</code> does not return |
| <code>SaltedAuthenticationInfo</code> instances, but <b>it is highly recommended that <code>Realm</code> implementations |
| that support hashed credentials start returning <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> |
| instances as soon as possible</b>. |
| <p/> |
| This is because salts should always be obtained from the stored account information and |
| never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for |
| attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user |
| are almost impossible to break. This method will be removed in Shiro 2.0.</I> |
| <P> |
| <DD>Sets whether or not to salt a submitted <code>AuthenticationToken</code>'s credentials when hashing. |
| <p/> |
| If enabled, the salt used will be obtained via the <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)"><CODE>getCredentialsSalt</CODE></A> method. |
| </p> |
| The default value is <code>false</code>. |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>hashSalted</CODE> - whether or not to salt a submitted <code>AuthenticationToken</code>'s credentials when hashing.</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="getHashIterations()"><!-- --></A><H3> |
| getHashIterations</H3> |
| <PRE> |
| public int <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.276"><B>getHashIterations</B></A>()</PRE> |
| <DL> |
| <DD>Returns the number of times a submitted <code>AuthenticationToken</code>'s credentials will be hashed before |
| comparing to the credentials stored in the system. |
| <p/> |
| Unless overridden, the default value is <code>1</code>, meaning a normal hash execution will occur. |
| <P> |
| <DD><DL> |
| |
| <DT><B>Returns:</B><DD>the number of times a submitted <code>AuthenticationToken</code>'s credentials will be hashed before |
| comparing to the credentials stored in the system.</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="setHashIterations(int)"><!-- --></A><H3> |
| setHashIterations</H3> |
| <PRE> |
| public void <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.291"><B>setHashIterations</B></A>(int hashIterations)</PRE> |
| <DL> |
| <DD>Sets the number of times a submitted <code>AuthenticationToken</code>'s credentials will be hashed before comparing |
| to the credentials stored in the system. |
| <p/> |
| Unless overridden, the default value is <code>1</code>, meaning a normal single hash execution will occur. |
| <p/> |
| If this argument is less than 1 (i.e. 0 or negative), the default value of 1 is applied. There must always be |
| at least 1 hash iteration (otherwise there would be no hash). |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>hashIterations</CODE> - the number of times to hash a submitted <code>AuthenticationToken</code>'s credentials.</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="getSalt(org.apache.shiro.authc.AuthenticationToken)"><!-- --></A><H3> |
| getSalt</H3> |
| <PRE> |
| <FONT SIZE="-1"><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Deprecated.html?is-external=true" title="class or interface in java.lang">@Deprecated</A> |
| </FONT>protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.321"><B>getSalt</B></A>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token)</PRE> |
| <DL> |
| <DD><B>Deprecated.</B> <I>since Shiro 1.1. Hash salting is now expected to be based on if the <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>AuthenticationInfo</CODE></A> |
| returned from the <code>Realm</code> is a <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> instance and its |
| <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html#getCredentialsSalt()"><CODE>getCredentialsSalt()</CODE></A> method returns a non-null value. |
| This method and the 1.0 behavior still exists for backwards compatibility if the <code>Realm</code> does not return |
| <code>SaltedAuthenticationInfo</code> instances, but <b>it is highly recommended that <code>Realm</code> implementations |
| that support hashed credentials start returning <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> |
| instances as soon as possible</b>.<p/> |
| This is because salts should always be obtained from the stored account information and |
| never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for |
| attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user |
| are almost impossible to break. This method will be removed in Shiro 2.0.</I> |
| <P> |
| <DD>Returns a salt value used to hash the token's credentials. |
| <p/> |
| This default implementation merely returns <code>token.getPrincipal()</code>, effectively using the user's |
| identity (username, user id, etc) as the salt, a most common technique. If you wish to provide the |
| authentication token's salt another way, you may override this method. |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>token</CODE> - the AuthenticationToken submitted during the authentication attempt. |
| <DT><B>Returns:</B><DD>a salt value to use to hash the authentication token's credentials.</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="getCredentials(org.apache.shiro.authc.AuthenticationInfo)"><!-- --></A><H3> |
| getCredentials</H3> |
| <PRE> |
| protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.344"><B>getCredentials</B></A>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A> info)</PRE> |
| <DL> |
| <DD>Returns a <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash"><CODE>Hash</CODE></A> instance representing the already-hashed AuthenticationInfo credentials stored in the system. |
| <p/> |
| This method reconstructs a <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash"><CODE>Hash</CODE></A> instance based on a <code>info.getCredentials</code> call, |
| but it does <em>not</em> hash that value - it is expected that method call will return an already-hashed value. |
| <p/> |
| This implementation's reconstruction effort functions as follows: |
| <ol> |
| <li>Convert <code>account.getCredentials()</code> to a byte array via the <A HREF="../../../../../org/apache/shiro/codec/CodecSupport.html#toBytes(char[])"><CODE>toBytes</CODE></A> method. |
| <li>If <code>account.getCredentials()</code> was originally a String or char[] before <code>toBytes</code> was |
| called, check for encoding: |
| <li>If <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#storedCredentialsHexEncoded"><CODE>storedCredentialsHexEncoded</CODE></A>, Hex decode that byte array, otherwise |
| Base64 decode the byte array</li> |
| <li>Set the byte[] array directly on the <code>Hash</code> implementation and return it.</li> |
| </ol> |
| <P> |
| <DD><DL> |
| <DT><B>Overrides:</B><DD><CODE><A HREF="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#getCredentials(org.apache.shiro.authc.AuthenticationInfo)">getCredentials</A></CODE> in class <CODE><A HREF="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">SimpleCredentialsMatcher</A></CODE></DL> |
| </DD> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>info</CODE> - the AuthenticationInfo from which to retrieve the credentials which assumed to be in already-hashed form. |
| <DT><B>Returns:</B><DD>a <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash"><CODE>Hash</CODE></A> instance representing the given AuthenticationInfo's stored credentials.</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="doCredentialsMatch(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)"><!-- --></A><H3> |
| doCredentialsMatch</H3> |
| <PRE> |
| public boolean <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.378"><B>doCredentialsMatch</B></A>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token, |
| <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A> info)</PRE> |
| <DL> |
| <DD>This implementation first hashes the <code>token</code>'s credentials, potentially using a |
| <code>salt</code> if the <code>info</code> argument is a |
| <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A>. It then compares the hash |
| against the <code>AuthenticationInfo</code>'s |
| <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getCredentials(org.apache.shiro.authc.AuthenticationInfo)"><CODE>already-hashed credentials</CODE></A>. This method |
| returns <code>true</code> if those two values are <A HREF="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#equals(java.lang.Object, java.lang.Object)"><CODE>equal</CODE></A>, <code>false</code> otherwise. |
| <P> |
| <DD><DL> |
| <DT><B>Specified by:</B><DD><CODE><A HREF="../../../../../org/apache/shiro/authc/credential/CredentialsMatcher.html#doCredentialsMatch(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)">doCredentialsMatch</A></CODE> in interface <CODE><A HREF="../../../../../org/apache/shiro/authc/credential/CredentialsMatcher.html" title="interface in org.apache.shiro.authc.credential">CredentialsMatcher</A></CODE><DT><B>Overrides:</B><DD><CODE><A HREF="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#doCredentialsMatch(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)">doCredentialsMatch</A></CODE> in class <CODE><A HREF="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html" title="class in org.apache.shiro.authc.credential">SimpleCredentialsMatcher</A></CODE></DL> |
| </DD> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>token</CODE> - the <code>AuthenticationToken</code> submitted during the authentication attempt.<DD><CODE>info</CODE> - the <code>AuthenticationInfo</code> stored in the system matching the token principal |
| <DT><B>Returns:</B><DD><code>true</code> if the provided token credentials hash match to the stored account credentials hash, |
| <code>false</code> otherwise<DT><B>Since:</B></DT> |
| <DD>1.1</DD> |
| </DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="hashProvidedCredentials(org.apache.shiro.authc.AuthenticationToken, org.apache.shiro.authc.AuthenticationInfo)"><!-- --></A><H3> |
| hashProvidedCredentials</H3> |
| <PRE> |
| protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.402"><B>hashProvidedCredentials</B></A>(<A HREF="../../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</A> token, |
| <A HREF="../../../../../org/apache/shiro/authc/AuthenticationInfo.html" title="interface in org.apache.shiro.authc">AuthenticationInfo</A> info)</PRE> |
| <DL> |
| <DD>Hash the provided <code>token</code>'s credentials using the salt stored with the account if the |
| <code>info</code> instance is an <code>instanceof</code> <A HREF="../../../../../org/apache/shiro/authc/SaltedAuthenticationInfo.html" title="interface in org.apache.shiro.authc"><CODE>SaltedAuthenticationInfo</CODE></A> (see |
| the class-level JavaDoc for why this is the preferred approach). |
| <p/> |
| If the <code>info</code> instance is <em>not</em> |
| an <code>instanceof</code> <code>SaltedAuthenticationInfo</code>, the logic will fall back to Shiro 1.0 |
| backwards-compatible logic: it will first check to see <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#isHashSalted()"><CODE>isHashSalted</CODE></A> and if so, will try |
| to acquire the salt from <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getSalt(org.apache.shiro.authc.AuthenticationToken)"><CODE>getSalt(AuthenticationToken)</CODE></A>. See the class-level |
| JavaDoc for why this is not recommended. This 'fallback' logic exists only for backwards-compatibility. |
| <code>Realm</code>s should be updated as soon as possible to return <code>SaltedAuthenticationInfo</code> instances |
| if account credentials salting is enabled (highly recommended for password-based systems). |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>token</CODE> - the submitted authentication token from which its credentials will be hashed<DD><CODE>info</CODE> - the stored account data, potentially used to acquire a salt |
| <DT><B>Returns:</B><DD>the token credentials hash<DT><B>Since:</B></DT> |
| <DD>1.1</DD> |
| </DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="hashProvidedCredentials(java.lang.Object, java.lang.Object, int)"><!-- --></A><H3> |
| hashProvidedCredentials</H3> |
| <PRE> |
| protected <A HREF="../../../../../org/apache/shiro/crypto/hash/Hash.html" title="interface in org.apache.shiro.crypto.hash">Hash</A> <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.443"><B>hashProvidedCredentials</B></A>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> credentials, |
| <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A> salt, |
| int hashIterations)</PRE> |
| <DL> |
| <DD>Hashes the provided credentials a total of <code>hashIterations</code> times, using the given salt. The hash |
| implementation/algorithm used is based on the <A HREF="../../../../../org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#getHashAlgorithmName()"><CODE>hashAlgorithmName</CODE></A> property. |
| <P> |
| <DD><DL> |
| <DT><B>Parameters:</B><DD><CODE>credentials</CODE> - the submitted authentication token's credentials to hash<DD><CODE>salt</CODE> - the value to salt the hash, or <code>null</code> if a salt will not be used.<DD><CODE>hashIterations</CODE> - the number of times to hash the credentials. At least one hash will always occur though, |
| even if this argument is 0 or negative. |
| <DT><B>Returns:</B><DD>the hashed value of the provided credentials, according to the specified salt and hash iterations.</DL> |
| </DD> |
| </DL> |
| <HR> |
| |
| <A NAME="newHashInstance()"><!-- --></A><H3> |
| newHashInstance</H3> |
| <PRE> |
| protected <A HREF="../../../../../org/apache/shiro/crypto/hash/AbstractHash.html" title="class in org.apache.shiro.crypto.hash">AbstractHash</A> <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/HashedCredentialsMatcher.html#line.454"><B>newHashInstance</B></A>()</PRE> |
| <DL> |
| <DD>Returns a new, <em>uninitialized</em> instance, without its byte array set. Used as a utility method in the |
| <A HREF="../../../../../org/apache/shiro/authc/credential/SimpleCredentialsMatcher.html#getCredentials(org.apache.shiro.authc.AuthenticationInfo)"><CODE>getCredentials(AuthenticationInfo)</CODE></A> implementation. |
| <P> |
| <DD><DL> |
| |
| <DT><B>Returns:</B><DD>a new, <em>uninitialized</em> instance, without its byte array set.</DL> |
| </DD> |
| </DL> |
| <!-- ========= END OF CLASS DATA ========= --> |
| <HR> |
| |
| |
| <!-- ======= START OF BOTTOM NAVBAR ====== --> |
| <A NAME="navbar_bottom"><!-- --></A> |
| <A HREF="#skip-navbar_bottom" title="Skip navigation links"></A> |
| <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY=""> |
| <TR> |
| <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> |
| <A NAME="navbar_bottom_firstrow"><!-- --></A> |
| <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY=""> |
| <TR ALIGN="center" VALIGN="top"> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD> |
| <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> <FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/HashedCredentialsMatcher.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD> |
| <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A> </TD> |
| </TR> |
| </TABLE> |
| </TD> |
| <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM> |
| </EM> |
| </TD> |
| </TR> |
| |
| <TR> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../../../../../org/apache/shiro/authc/credential/DefaultPasswordService.html" title="class in org.apache.shiro.authc.credential"><B>PREV CLASS</B></A> |
| <A HREF="../../../../../org/apache/shiro/authc/credential/HashingPasswordService.html" title="interface in org.apache.shiro.authc.credential"><B>NEXT CLASS</B></A></FONT></TD> |
| <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> |
| <A HREF="../../../../../index.html?org/apache/shiro/authc/credential/HashedCredentialsMatcher.html" target="_top"><B>FRAMES</B></A> |
| <A HREF="HashedCredentialsMatcher.html" target="_top"><B>NO FRAMES</B></A> |
| <SCRIPT type="text/javascript"> |
| <!-- |
| if(window==top) { |
| document.writeln('<A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A>'); |
| } |
| //--> |
| </SCRIPT> |
| <NOSCRIPT> |
| <A HREF="../../../../../allclasses-noframe.html"><B>All Classes</B></A> |
| </NOSCRIPT> |
| |
| |
| </FONT></TD> |
| </TR> |
| <TR> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| SUMMARY: NESTED | <A HREF="#fields_inherited_from_class_org.apache.shiro.codec.CodecSupport">FIELD</A> | <A HREF="#constructor_summary">CONSTR</A> | <A HREF="#method_summary">METHOD</A></FONT></TD> |
| <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> |
| DETAIL: FIELD | <A HREF="#constructor_detail">CONSTR</A> | <A HREF="#method_detail">METHOD</A></FONT></TD> |
| </TR> |
| </TABLE> |
| <A NAME="skip-navbar_bottom"></A> |
| <!-- ======== END OF BOTTOM NAVBAR ======= --> |
| |
| <HR> |
| Copyright © 2004-2014 <a href="http://www.apache.org/">The Apache Software Foundation</a>. All Rights Reserved. |
| </BODY> |
| </HTML> |