org.apache.ftpserver.usermanager
Class SaltedPasswordEncryptor
java.lang.Object
org.apache.ftpserver.usermanager.SaltedPasswordEncryptor
- All Implemented Interfaces:
- PasswordEncryptor
public class SaltedPasswordEncryptor
- extends Object
- implements PasswordEncryptor
Password encryptor that hashes a salt together with the password using MD5.
Using a salt protects against birthday attacks.
The hashing is also made in iterations, making lookup attacks much harder.
The algorithm is based on the principles described in
http://www.jasypt.org/howtoencryptuserpasswords.html
- Author:
- Apache MINA Project
Method Summary |
String |
encrypt(String password)
Encrypts the password using a salt concatenated with the password
and a series of MD5 steps. |
boolean |
matches(String passwordToCheck,
String storedPassword)
Matches an encrypted password with that stored |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SaltedPasswordEncryptor
public SaltedPasswordEncryptor()
encrypt
public String encrypt(String password)
- Encrypts the password using a salt concatenated with the password
and a series of MD5 steps.
- Specified by:
encrypt
in interface PasswordEncryptor
- Parameters:
password
- The clear text password
- Returns:
- The encrypted password
matches
public boolean matches(String passwordToCheck,
String storedPassword)
- Matches an encrypted password with that stored
- Specified by:
matches
in interface PasswordEncryptor
- Parameters:
passwordToCheck
- The encrypted password to checkstoredPassword
- The stored password
- Returns:
- true if the password match
Copyright © 2003-2011 Apache Software Foundation. All Rights Reserved.