ShaPasswordEncoder

Class Overview

SHA implementation of PasswordEncoder.

If a null password is presented, it will be treated as an empty String ("") password.

As SHA is a one-way hash, the salt can contain any characters. The default strength for the SHA encoding is SHA-1. If you wish to use higher strengths use the argumented constructor. ShaPasswordEncoder(int)

The applicationContext example...

 <bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder">
     <constructor-arg value="256"/>
 </bean>
 

Summary

[Expand] Inherited Methods
From class org.springframework.security.authentication.encoding.MessageDigestPasswordEncoder String encodePassword(String rawPass, Object salt) Encodes the rawPass using a MessageDigest. String getAlgorithm() final MessageDigest getMessageDigest() Get a MessageDigest instance for the given algorithm. boolean isPasswordValid(String encPass, String rawPass, Object salt) Takes a previously encoded password and compares it with a rawpassword after mixing in the salt and encoding that value void setIterations(int iterations) Sets the number of iterations for which the calculated hash value should be "stretched".
From class org.springframework.security.authentication.encoding.BaseDigestPasswordEncoder boolean getEncodeHashAsBase64() void setEncodeHashAsBase64(boolean encodeHashAsBase64) The encoded password is normally returned as Hex (32 char) version of the hash bytes.
From class org.springframework.security.authentication.encoding.BasePasswordEncoder String[] demergePasswordAndSalt(String mergedPasswordSalt) Used by subclasses to extract the password and salt from a merged String created using mergePasswordAndSalt(String, Object, boolean). String mergePasswordAndSalt(String password, Object salt, boolean strict) Used by subclasses to generate a merged password and salt String.
From class java.lang.Object Object clone() boolean equals(Object arg0) void finalize() final Class<?> getClass() int hashCode() final void notify() final void notifyAll() String toString() final void wait() final void wait(long arg0, int arg1) final void wait(long arg0)
From interface org.springframework.security.authentication.encoding.PasswordEncoder abstract String encodePassword(String rawPass, Object salt) Encodes the specified raw password with an implementation specific algorithm. abstract boolean isPasswordValid(String encPass, String rawPass, Object salt) Validates a specified "raw" password against an encoded password.