org.apache.ftpserver.usermanager
Class SaltedPasswordEncryptor
java.lang.Object
org.apache.ftpserver.usermanager.SaltedPasswordEncryptor
- All Implemented Interfaces:
- PasswordEncryptor
public class SaltedPasswordEncryptor
- extends java.lang.Object
- implements PasswordEncryptor
Password encryptor that hashes a salt together with the password using MD5.
Using a salt protects against birthday attacks.
The hashing is also made in iterations, making lookup attacks much harder.
The algorithm is based on the principles described in
http://www.jasypt.org/howtoencryptuserpasswords.html
- Version:
- $Rev$, $Date$
- Author:
- The Apache MINA Project (dev@mina.apache.org)
Method Summary |
java.lang.String |
encrypt(java.lang.String password)
Encrypts the password using a salt concatenated with the password
and a series of MD5 steps. |
boolean |
matches(java.lang.String passwordToCheck,
java.lang.String storedPassword)
Matches an encrypted password with that stored |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SaltedPasswordEncryptor
public SaltedPasswordEncryptor()
encrypt
public java.lang.String encrypt(java.lang.String password)
- Encrypts the password using a salt concatenated with the password
and a series of MD5 steps.
- Specified by:
encrypt
in interface PasswordEncryptor
- Parameters:
password
- The clear text password
- Returns:
- The encrypted password
matches
public boolean matches(java.lang.String passwordToCheck,
java.lang.String storedPassword)
- Matches an encrypted password with that stored
- Specified by:
matches
in interface PasswordEncryptor
- Parameters:
passwordToCheck
- The encrypted password to checkstoredPassword
- The stored password
- Returns:
- true if the password match
Copyright © 2003-2011 Apache Software Foundation. All Rights Reserved.