Class PasswordEncoderProperties
java.lang.Object
org.apereo.cas.configuration.model.core.authentication.PasswordEncoderProperties
- All Implemented Interfaces:
Serializable
@RequiresModule(name="cas-server-core-authentication",
automated=true)
public class PasswordEncoderProperties
extends Object
implements Serializable
This is
PasswordEncoderProperties
.- Since:
- 5.0.0
- See Also:
-
Nested Class Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionThe encoding algorithm to use such as 'UTF-8'.The encoding algorithm to use such asMD5
.int
When used byPasswordEncoderProperties.PasswordEncoderTypes.ARGON2
, it indicates the hash strength/length.int
When used byPasswordEncoderProperties.PasswordEncoderTypes.PBKDF2
, it indicates the required number of iterations.int
Strength or number of iterations to use for password hashing.getType()
Define the password encoder type to use.setCharacterEncoding
(String characterEncoding) The encoding algorithm to use such as 'UTF-8'.setEncodingAlgorithm
(String encodingAlgorithm) The encoding algorithm to use such asMD5
.setHashLength
(int hashLength) When used byPasswordEncoderProperties.PasswordEncoderTypes.ARGON2
, it indicates the hash strength/length.setIterations
(int iterations) When used byPasswordEncoderProperties.PasswordEncoderTypes.PBKDF2
, it indicates the required number of iterations.setStrength
(int strength) Strength or number of iterations to use for password hashing.Define the password encoder type to use.
-
Constructor Details
-
PasswordEncoderProperties
public PasswordEncoderProperties()
-
-
Method Details
-
getType
Define the password encoder type to use. Type may be specified as blank orNONE
to disable password encoding. It may also refer to a fully-qualified class name that implements the Spring Security'sPasswordEncoder
interface if you wish you define your own encoder.The following types may be used:
NONE
: No password encoding (i.e. plain-text) takes place.DEFAULT
: Use theDefaultPasswordEncoder
of CAS. For message-digest algorithms viacharacter-encoding
andencoding-algorithm
.BCRYPT
: Use theBCryptPasswordEncoder
based on the strength provided and an optional secret.SCRYPT
: Use theSCryptPasswordEncoder
.PBKDF2
: Use thePbkdf2PasswordEncoder
based on the strength provided and an optional secret.STANDARD
: Use theStandardPasswordEncoder
based on the secret provided.SSHA
: Use theLdapShaPasswordEncoder
supports Ldap SHA and SSHA (salted-SHA). The values are base-64 encoded and have the label {SHA} or {SSHA} prepended to the encoded hash.GLIBC_CRYPT
: Use theGlibcCryptPasswordEncoder
based on theencoding-algorithm
, strength provided and an optional secret.org.example.MyEncoder
: An implementation ofPasswordEncoder
of your own choosing.file:///path/to/script.groovy
: Path to a Groovy script charged with handling password encoding operations.
-
getEncodingAlgorithm
The encoding algorithm to use such asMD5
. Relevant when the type used isDEFAULT
orGLIBC_CRYPT
. When used withPasswordEncoderProperties.PasswordEncoderTypes.PBKDF2
, it should be one ofPBKDF2WithHmacSHA1
,PBKDF2WithHmacSHA256
orPBKDF2WithHmacSHA512
. -
getCharacterEncoding
The encoding algorithm to use such as 'UTF-8'. Relevant when the type used isDEFAULT
. -
getSecret
Secret to use withPasswordEncoderProperties.PasswordEncoderTypes.STANDARD
,PasswordEncoderProperties.PasswordEncoderTypes.PBKDF2
,PasswordEncoderProperties.PasswordEncoderTypes.BCRYPT
,PasswordEncoderProperties.PasswordEncoderTypes.GLIBC_CRYPT
password encoders. Secret usually is an optional setting. -
getStrength
public int getStrength()Strength or number of iterations to use for password hashing. Usually relevant when dealing withPasswordEncoderProperties.PasswordEncoderTypes.BCRYPT
,PasswordEncoderProperties.PasswordEncoderTypes.PBKDF2
orPasswordEncoderProperties.PasswordEncoderTypes.GLIBC_CRYPT
. When used byPasswordEncoderProperties.PasswordEncoderTypes.ARGON2
orPasswordEncoderProperties.PasswordEncoderTypes.PBKDF2
, it indicates the salt strength. -
getIterations
public int getIterations()When used byPasswordEncoderProperties.PasswordEncoderTypes.PBKDF2
, it indicates the required number of iterations. -
getHashLength
public int getHashLength()When used byPasswordEncoderProperties.PasswordEncoderTypes.ARGON2
, it indicates the hash strength/length. -
setType
Define the password encoder type to use. Type may be specified as blank orNONE
to disable password encoding. It may also refer to a fully-qualified class name that implements the Spring Security'sPasswordEncoder
interface if you wish you define your own encoder.The following types may be used:
NONE
: No password encoding (i.e. plain-text) takes place.DEFAULT
: Use theDefaultPasswordEncoder
of CAS. For message-digest algorithms viacharacter-encoding
andencoding-algorithm
.BCRYPT
: Use theBCryptPasswordEncoder
based on the strength provided and an optional secret.SCRYPT
: Use theSCryptPasswordEncoder
.PBKDF2
: Use thePbkdf2PasswordEncoder
based on the strength provided and an optional secret.STANDARD
: Use theStandardPasswordEncoder
based on the secret provided.SSHA
: Use theLdapShaPasswordEncoder
supports Ldap SHA and SSHA (salted-SHA). The values are base-64 encoded and have the label {SHA} or {SSHA} prepended to the encoded hash.GLIBC_CRYPT
: Use theGlibcCryptPasswordEncoder
based on theencoding-algorithm
, strength provided and an optional secret.org.example.MyEncoder
: An implementation ofPasswordEncoder
of your own choosing.file:///path/to/script.groovy
: Path to a Groovy script charged with handling password encoding operations.
- Returns:
this
.
-
setEncodingAlgorithm
The encoding algorithm to use such asMD5
. Relevant when the type used isDEFAULT
orGLIBC_CRYPT
. When used withPasswordEncoderProperties.PasswordEncoderTypes.PBKDF2
, it should be one ofPBKDF2WithHmacSHA1
,PBKDF2WithHmacSHA256
orPBKDF2WithHmacSHA512
.- Returns:
this
.
-
setCharacterEncoding
The encoding algorithm to use such as 'UTF-8'. Relevant when the type used isDEFAULT
.- Returns:
this
.
-
setSecret
Secret to use withPasswordEncoderProperties.PasswordEncoderTypes.STANDARD
,PasswordEncoderProperties.PasswordEncoderTypes.PBKDF2
,PasswordEncoderProperties.PasswordEncoderTypes.BCRYPT
,PasswordEncoderProperties.PasswordEncoderTypes.GLIBC_CRYPT
password encoders. Secret usually is an optional setting.- Returns:
this
.
-
setStrength
Strength or number of iterations to use for password hashing. Usually relevant when dealing withPasswordEncoderProperties.PasswordEncoderTypes.BCRYPT
,PasswordEncoderProperties.PasswordEncoderTypes.PBKDF2
orPasswordEncoderProperties.PasswordEncoderTypes.GLIBC_CRYPT
. When used byPasswordEncoderProperties.PasswordEncoderTypes.ARGON2
orPasswordEncoderProperties.PasswordEncoderTypes.PBKDF2
, it indicates the salt strength.- Returns:
this
.
-
setIterations
When used byPasswordEncoderProperties.PasswordEncoderTypes.PBKDF2
, it indicates the required number of iterations.- Returns:
this
.
-
setHashLength
When used byPasswordEncoderProperties.PasswordEncoderTypes.ARGON2
, it indicates the hash strength/length.- Returns:
this
.
-