org.picketlink.idm.credential.handler

Class PasswordCredentialHandler<S extends CredentialStore<?>,V extends UsernamePasswordCredentials,U extends Password>

java.lang.Object

org.picketlink.idm.credential.handler.AbstractCredentialHandler<S,V,U>

org.picketlink.idm.credential.handler.PasswordCredentialHandler<S,V,U>

All Implemented Interfaces:

CredentialHandler<S,V,U>

Direct Known Subclasses:

TOTPCredentialHandler

@SupportsCredentials(credentialClass={UsernamePasswordCredentials.class,Password.class},
                     credentialStorage=EncodedPasswordStorage.class)
public class PasswordCredentialHandler<S extends CredentialStore<?>,V extends UsernamePasswordCredentials,U extends Password>
extends AbstractCredentialHandler<S,V,U>

This particular implementation supports the validation of UsernamePasswordCredentials, and updating Password credentials.

How passwords are encoded can be changed by specifying a configuration option using the PASSWORD_ENCODER. By default a SHA-512 encoding is performed.

Password are always salted before encoding.

Author:

Shane Bryzak, Pedro Silva

Field Summary

Fields

Modifier and Type	Field and Description
static String	ALGORITHM_RANDOM_NUMBER The algorithm to be used to salt passwords.
static String	KEY_LENGTH_RANDOM_NUMBER Key length when generating a seed for random numbers.
static String	PASSWORD_ENCODER Stores a stateless instance of PasswordEncoder that should be used to encode passwords.
static String	RENEW_RANDOM_NUMBER_GENERATOR_INTERVAL Time interval to be used to get a fresh SecureRandom instance.
static String	SECURE_RANDOM_PROVIDER An user-defined SecureRandomProvider instance.

Constructor Summary

Constructors

Constructor and Description
PasswordCredentialHandler()

Method Summary

Modifier and Type	Method and Description
CredentialStorage	createCredentialStorage(IdentityContext context, Account account, U password, S store, Date effectiveDate, Date expiryDate)
protected String	generateSalt() Generates a random string to be used as a salt for passwords.
protected Account	getAccount(IdentityContext context, V credentials)
protected CredentialStorage	getCredentialStorage(IdentityContext context, Account account, V credentials, S store)
protected org.picketlink.common.random.SecureRandomProvider	getSecureRandomProvider()
void	setup(S store)
protected boolean	validateCredential(IdentityContext context, CredentialStorage storage, V credentials, S store)

Methods inherited from class org.picketlink.idm.credential.handler.AbstractCredentialHandler

getAccount, getAccountById, getDefaultLoginNameProperty, getIdentityManager, isDebugEnabled, update, validate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

PASSWORD_ENCODER

public static final String PASSWORD_ENCODER

Stores a stateless instance of PasswordEncoder that should be used to encode passwords.

See Also:

Constant Field Values

SECURE_RANDOM_PROVIDER

public static final String SECURE_RANDOM_PROVIDER

An user-defined SecureRandomProvider instance.

See Also:

Constant Field Values

RENEW_RANDOM_NUMBER_GENERATOR_INTERVAL

public static final String RENEW_RANDOM_NUMBER_GENERATOR_INTERVAL

Time interval to be used to get a fresh SecureRandom instance.

See Also:

Constant Field Values

ALGORITHM_RANDOM_NUMBER

public static final String ALGORITHM_RANDOM_NUMBER

The algorithm to be used to salt passwords.

See Also:

Constant Field Values

KEY_LENGTH_RANDOM_NUMBER

public static final String KEY_LENGTH_RANDOM_NUMBER

Key length when generating a seed for random numbers.

See Also:

Constant Field Values

Constructor Detail

PasswordCredentialHandler

public PasswordCredentialHandler()

Method Detail

setup

public void setup(S store)

Specified by:

setup in interface CredentialHandler<S extends CredentialStore<?>,V extends UsernamePasswordCredentials,U extends Password>

Overrides:

setup in class AbstractCredentialHandler<S extends CredentialStore<?>,V extends UsernamePasswordCredentials,U extends Password>

getAccount

protected Account getAccount(IdentityContext context,
                             V credentials)

Specified by:

getAccount in class AbstractCredentialHandler<S extends CredentialStore<?>,V extends UsernamePasswordCredentials,U extends Password>

getCredentialStorage

protected CredentialStorage getCredentialStorage(IdentityContext context,
                                                 Account account,
                                                 V credentials,
                                                 S store)

Specified by:

getCredentialStorage in class AbstractCredentialHandler<S extends CredentialStore<?>,V extends UsernamePasswordCredentials,U extends Password>

validateCredential

protected boolean validateCredential(IdentityContext context,
                                     CredentialStorage storage,
                                     V credentials,
                                     S store)

Specified by:

validateCredential in class AbstractCredentialHandler<S extends CredentialStore<?>,V extends UsernamePasswordCredentials,U extends Password>

createCredentialStorage

public CredentialStorage createCredentialStorage(IdentityContext context,
                                                 Account account,
                                                 U password,
                                                 S store,
                                                 Date effectiveDate,
                                                 Date expiryDate)

Specified by:

createCredentialStorage in class AbstractCredentialHandler<S extends CredentialStore<?>,V extends UsernamePasswordCredentials,U extends Password>

getSecureRandomProvider

protected org.picketlink.common.random.SecureRandomProvider getSecureRandomProvider()

generateSalt

protected String generateSalt()

Generates a random string to be used as a salt for passwords.

Returns: