Package org.apache.catalina.realm
Class MessageDigestCredentialHandler
java.lang.Object
org.apache.catalina.realm.DigestCredentialHandlerBase
org.apache.catalina.realm.MessageDigestCredentialHandler
- All Implemented Interfaces:
- CredentialHandler
This credential handler supports the following forms of stored passwords:
 
- encodedCredential - a hex encoded digest of the password digested using the configured digest
- {MD5}encodedCredential - a Base64 encoded MD5 digest of the password
- {SHA}encodedCredential - a Base64 encoded SHA1 digest of the password
- {SSHA}encodedCredential - 20 byte Base64 encoded SHA1 digest followed by variable length salt.
 {SSHA}<sha-1 digest:20><salt:n>
- salt$iterationCount$encodedCredential - a hex encoded salt, iteration code and a hex encoded credential, each separated by $
If the stored password form does not include an iteration count then an iteration count of 1 is used.
If the stored password form does not include salt then no salt is used.
- 
Field SummaryFieldsFields inherited from class org.apache.catalina.realm.DigestCredentialHandlerBaseDEFAULT_SALT_LENGTH, sm
- 
Constructor SummaryConstructors
- 
Method SummaryModifier and TypeMethodDescriptionprotected intprotected LoggetLog()booleanChecks to see if the input credentials match the stored credentialsprotected StringGenerates the equivalent stored credentials for the given input credentials, salt and iterations.voidsetAlgorithm(String algorithm) Set the algorithm used to convert input credentials to stored credentials.voidsetEncoding(String encodingName) Methods inherited from class org.apache.catalina.realm.DigestCredentialHandlerBaseequals, equals, getDefaultSaltLength, getIterations, getLogInvalidStoredCredentials, getSaltLength, matchesSaltIterationsEncoded, mutate, mutate, setIterations, setLogInvalidStoredCredentials, setSaltLength
- 
Field Details- 
DEFAULT_ITERATIONSpublic static final int DEFAULT_ITERATIONS- See Also:
 
 
- 
- 
Constructor Details- 
MessageDigestCredentialHandlerpublic MessageDigestCredentialHandler()
 
- 
- 
Method Details- 
getEncoding
- 
setEncoding
- 
getAlgorithm- Specified by:
- getAlgorithmin class- DigestCredentialHandlerBase
- Returns:
- the algorithm used to convert input credentials to stored credentials.
 
- 
setAlgorithmDescription copied from class:DigestCredentialHandlerBaseSet the algorithm used to convert input credentials to stored credentials.- Specified by:
- setAlgorithmin class- DigestCredentialHandlerBase
- Parameters:
- algorithm- the algorithm
- Throws:
- NoSuchAlgorithmException- if the specified algorithm is not supported
 
- 
matchesDescription copied from interface:CredentialHandlerChecks to see if the input credentials match the stored credentials- Parameters:
- inputCredentials- User provided credentials
- storedCredentials- Credentials stored in the- Realm
- Returns:
- trueif the inputCredentials match the storedCredentials, otherwise- false
 
- 
mutateDescription copied from class:DigestCredentialHandlerBaseGenerates the equivalent stored credentials for the given input credentials, salt and iterations. If the algorithm requires a key length, the default will be used.- Specified by:
- mutatein class- DigestCredentialHandlerBase
- Parameters:
- inputCredentials- User provided credentials
- salt- Salt, if any
- iterations- Number of iterations of the algorithm associated with this CredentialHandler applied to the inputCredentials to generate the equivalent stored credentials
- Returns:
- The equivalent stored credentials for the given input credentials or nullif the generation fails
 
- 
getDefaultIterationsprotected int getDefaultIterations()- Specified by:
- getDefaultIterationsin class- DigestCredentialHandlerBase
- Returns:
- the default number of iterations used by the CredentialHandler.
 
- 
getLog- Specified by:
- getLogin class- DigestCredentialHandlerBase
- Returns:
- the logger for the CredentialHandler instance.
 
 
-