org.apache.ftpserver.usermanager
Class SaltedPasswordEncryptor

java.lang.Object
  extended by org.apache.ftpserver.usermanager.SaltedPasswordEncryptor
All Implemented Interfaces:
PasswordEncryptor

public class SaltedPasswordEncryptor
extends Object
implements PasswordEncryptor

Password encryptor that hashes a salt together with the password using MD5. Using a salt protects against birthday attacks. The hashing is also made in iterations, making lookup attacks much harder. The algorithm is based on the principles described in http://www.jasypt.org/howtoencryptuserpasswords.html

Author:
Apache MINA Project

Constructor Summary
SaltedPasswordEncryptor()
           
 
Method Summary
 String encrypt(String password)
          Encrypts the password using a salt concatenated with the password and a series of MD5 steps.
 boolean matches(String passwordToCheck, String storedPassword)
          Matches an encrypted password with that stored
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SaltedPasswordEncryptor

public SaltedPasswordEncryptor()
Method Detail

encrypt

public String encrypt(String password)
Encrypts the password using a salt concatenated with the password and a series of MD5 steps.

Specified by:
encrypt in interface PasswordEncryptor
Parameters:
password - The clear text password
Returns:
The encrypted password

matches

public boolean matches(String passwordToCheck,
                       String storedPassword)
Matches an encrypted password with that stored

Specified by:
matches in interface PasswordEncryptor
Parameters:
passwordToCheck - The encrypted password to check
storedPassword - The stored password
Returns:
true if the password match


Copyright © 2003-2011 Apache Software Foundation. All Rights Reserved.