<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--NewPage-->
<HTML>
<HEAD>
<!-- Generated by javadoc (build 1.6.0_65) on Fri Mar 04 17:58:54 EST 2016 -->
<META http-equiv="Content-Type" content="text/html; charset=UTF-8">
<TITLE>
PasswordService (Apache Shiro 1.2.4 API)
</TITLE>
<META NAME="date" CONTENT="2016-03-04">
<LINK REL ="stylesheet" TYPE="text/css" HREF="../../../../../stylesheet.css" TITLE="Style">
<SCRIPT type="text/javascript">
/**
 * Copies this page's title onto the parent frame's document, so the
 * enclosing frameset shows the title of the class currently displayed.
 * Does nothing when the page URL carries the 'is-external=true' marker.
 * NOTE(review): parent.document is only readable when the parent frame is
 * same-origin; confirm this page is never framed cross-origin.
 */
function windowTitle()
{
    var openedAsExternal = location.href.indexOf('is-external=true') != -1;
    if (openedAsExternal) {
        return;
    }
    parent.document.title="PasswordService (Apache Shiro 1.2.4 API)";
}
</SCRIPT>
<NOSCRIPT>
</NOSCRIPT>
</HEAD>
<BODY BGCOLOR="white" onload="windowTitle();">
<HR>
<HR>
<!-- ======== START OF CLASS DATA ======== -->
<H2>
<FONT SIZE="-1">
org.apache.shiro.authc.credential</FONT>
<BR>
Interface PasswordService</H2>
<DL>
<DT><B>All Known Subinterfaces:</B> <DD><A HREF="../../../../../org/apache/shiro/authc/credential/HashingPasswordService.html" title="interface in org.apache.shiro.authc.credential">HashingPasswordService</A></DD>
</DL>
<DL>
<DT><B>All Known Implementing Classes:</B> <DD><A HREF="../../../../../org/apache/shiro/authc/credential/DefaultPasswordService.html" title="class in org.apache.shiro.authc.credential">DefaultPasswordService</A></DD>
</DL>
<HR>
<DL>
<DT><PRE>public interface <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/PasswordService.html#line.72"><B>PasswordService</B></A></DL>
</PRE>
<P>
A <code>PasswordService</code> supports common use cases when using passwords as a credential mechanism.
<p>
Most importantly, implementations of this interface are expected to employ best practices to ensure that
passwords remain as safe as possible in application environments.
<h2>Usage</h2>
A <code>PasswordService</code> is used at two different times during an application's lifecycle:
<ul>
<li>When creating a user account or resetting their password</li>
<li>When a user logs in, when passwords must be compared</li>
</ul>
<h3>Account Creation or Password Reset</h3>
Whenever you create a new user account or reset that account's password, you must translate the end-user submitted
raw/plaintext password value to a string format that is much safer to store. You do that by calling the
<A HREF="../../../../../org/apache/shiro/authc/credential/PasswordService.html#encryptPassword(java.lang.Object)"><CODE>encryptPassword(Object)</CODE></A> method to create the safer value. Note that this interface
offers no method for turning the stored value back into the plaintext; the stored value is only ever checked against
a later submission with <code>passwordsMatch</code>. For
example:
<pre>
String submittedPlaintextPassword = ...
String encryptedValue = passwordService.encryptPassword(submittedPlaintextPassword);
...
userAccount.setPassword(encryptedValue);
userAccount.save(); //create or update to your data store
</pre>
Be sure to save only this encrypted value in your data store, and never the original/raw submitted password.
<h3>Login Password Comparison</h3>
Shiro performs the comparison during login automatically. Along with your <code>PasswordService</code>, you just
have to configure a <A HREF="../../../../../org/apache/shiro/authc/credential/PasswordMatcher.html" title="class in org.apache.shiro.authc.credential"><CODE>PasswordMatcher</CODE></A> on a realm that has password-based accounts. During a login attempt,
Shiro will use the <code>PasswordMatcher</code> and the <code>PasswordService</code> to automatically compare the submitted
password with the stored value.
<p/>
For example, if using Shiro's INI, here is how you might configure the PasswordMatcher and PasswordService:
<pre>
[main]
...
passwordService = org.apache.shiro.authc.credential.DefaultPasswordService
# configure the passwordService to use the settings you desire
...
passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher
passwordMatcher.passwordService = $passwordService
...
# Finally, set the matcher on a realm that requires password matching for account authentication:
myRealm = ...
myRealm.credentialsMatcher = $passwordMatcher
</pre>
<P>
<P>
<DL>
<DT><B>Since:</B></DT>
<DD>1.2</DD>
<DT><B>See Also:</B><DD><A HREF="../../../../../org/apache/shiro/authc/credential/DefaultPasswordService.html" title="class in org.apache.shiro.authc.credential"><CODE>DefaultPasswordService</CODE></A>,
<A HREF="../../../../../org/apache/shiro/authc/credential/PasswordMatcher.html" title="class in org.apache.shiro.authc.credential"><CODE>PasswordMatcher</CODE></A></DL>
<HR>
<P>
<!-- ========== METHOD SUMMARY =========== -->
<A NAME="method_summary"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
<B>Method Summary</B></FONT></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>&nbsp;<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/PasswordService.html#encryptPassword(java.lang.Object)">encryptPassword</A></B>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A>&nbsp;plaintextPassword)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Converts the specified plaintext password (usually acquired from your application's 'new user' or 'password reset'
workflow) into a formatted string safe for storage.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>&nbsp;boolean</CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../org/apache/shiro/authc/credential/PasswordService.html#passwordsMatch(java.lang.Object, java.lang.String)">passwordsMatch</A></B>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A>&nbsp;submittedPlaintext,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;encrypted)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Returns <code>true</code> if the <code>submittedPlaintext</code> password matches the existing saved password (the <code>encrypted</code> argument),
<code>false</code> otherwise.</TD>
</TR>
</TABLE>
&nbsp;
<P>
<!-- ============ METHOD DETAIL ========== -->
<A NAME="method_detail"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2">
<B>Method Detail</B></FONT></TH>
</TR>
</TABLE>
<A NAME="encryptPassword(java.lang.Object)"><!-- --></A><H3>
encryptPassword</H3>
<PRE>
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/PasswordService.html#line.115"><B>encryptPassword</B></A>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A>&nbsp;plaintextPassword)
throws <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</A></PRE>
<DL>
<DD>Converts the specified plaintext password (usually acquired from your application's 'new user' or 'password reset'
workflow) into a formatted string safe for storage. The returned string can be safely saved with the
corresponding user account record (e.g. as a 'password' attribute).
<p/>
It is expected that the String returned from this method will be presented to the
<A HREF="../../../../../org/apache/shiro/authc/credential/PasswordService.html#passwordsMatch(java.lang.Object, java.lang.String)"><CODE>passwordsMatch(plaintext,encrypted)</CODE></A> method when performing a
password comparison check.
<h3>Usage</h3>
The input argument type can be any 'byte backed' <code>Object</code> - almost always either a
String or character array representing passwords (character arrays are often a safer way to represent passwords
as they can be cleared/nulled-out after use, whereas a <code>String</code> is immutable and cannot be wiped). Any argument type supported by
<CODE>ByteSource.Util#isCompatible(Object)</CODE> is valid.
<p/>
For example:
<pre>
String rawPassword = ...
String encryptedValue = passwordService.encryptPassword(rawPassword);
</pre>
or, identically:
<pre>
char[] rawPasswordChars = ...
String encryptedValue = passwordService.encryptPassword(rawPasswordChars);
</pre>
<p/>
The resulting <code>encryptedValue</code> should be stored with the account to be retrieved later during a
login attempt. For example:
<pre>
String encryptedValue = passwordService.encryptPassword(rawPassword);
...
userAccount.setPassword(encryptedValue);
userAccount.save(); //create or update to your data store
</pre>
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>plaintextPassword</CODE> - the raw password as 'byte-backed' object (String, character array, <A HREF="../../../../../org/apache/shiro/util/ByteSource.html" title="interface in org.apache.shiro.util"><CODE>ByteSource</CODE></A>,
etc) usually acquired from your application's 'new user' or 'password reset' workflow.
<DT><B>Returns:</B><DD>the encrypted password, formatted for storage.
<DT><B>Throws:</B>
<DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/IllegalArgumentException.html?is-external=true" title="class or interface in java.lang">IllegalArgumentException</A></CODE> - if the argument cannot be easily converted to bytes as defined by
<CODE>ByteSource.Util#isCompatible(Object)</CODE>.<DT><B>See Also:</B><DD><CODE>ByteSource.Util#isCompatible(Object)</CODE></DL>
</DD>
</DL>
<HR>
<A NAME="passwordsMatch(java.lang.Object, java.lang.String)"><!-- --></A><H3>
passwordsMatch</H3>
<PRE>
boolean <A HREF="../../../../../src-html/org/apache/shiro/authc/credential/PasswordService.html#line.146"><B>passwordsMatch</B></A>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A>&nbsp;submittedPlaintext,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;encrypted)</PRE>
<DL>
<DD>Returns <code>true</code> if the <code>submittedPlaintext</code> password matches the existing saved password (the <code>encrypted</code> argument),
<code>false</code> otherwise.
<h3>Usage</h3>
The <code>submittedPlaintext</code> argument type can be any 'byte backed' <code>Object</code> - almost always either a
String or character array representing passwords (character arrays are often a safer way to represent passwords
as they can be cleared/nulled-out after use, whereas a <code>String</code> is immutable and cannot be wiped). Any argument type supported by
<CODE>ByteSource.Util#isCompatible(Object)</CODE> is valid.
<p/>
For example:
<pre>
String submittedPassword = ...
passwordService.passwordsMatch(submittedPassword, encryptedPassword);
</pre>
or similarly:
<pre>
char[] submittedPasswordCharacters = ...
passwordService.passwordsMatch(submittedPasswordCharacters, encryptedPassword);
</pre>
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>submittedPlaintext</CODE> - a raw/plaintext password submitted by an end user/Subject.<DD><CODE>encrypted</CODE> - the previously encrypted password known to be associated with an account.
This value is expected to have been previously generated from the
<A HREF="../../../../../org/apache/shiro/authc/credential/PasswordService.html#encryptPassword(java.lang.Object)"><CODE>encryptPassword</CODE></A> method (typically
when the account is created or the account's password is reset).
<DT><B>Returns:</B><DD><code>true</code> if the <code>submittedPlaintext</code> password matches the existing saved password (the <code>encrypted</code> argument),
<code>false</code> otherwise.<DT><B>See Also:</B><DD><CODE>ByteSource.Util#isCompatible(Object)</CODE></DL>
</DD>
</DL>
<!-- ========= END OF CLASS DATA ========= -->
<HR>
<HR>
Copyright &#169; 2004-2016 <a href="http://www.apache.org/">The Apache Software Foundation</a>. All Rights Reserved.
</BODY>
</HTML>