Class StandaloneConfigurationSecurityProperties
java.lang.Object
org.apereo.cas.configuration.model.core.config.standalone.StandaloneConfigurationSecurityProperties
- All Implemented Interfaces:
Serializable
@RequiresModule(name="cas-server-core-configuration",
automated=true)
public class StandaloneConfigurationSecurityProperties
extends Object
implements Serializable
- Since:
- 6.4.0
- See Also:
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptiongetAlg()
Algorithm to use when deciphering settings.An initialization vector is required forPBEWithDigestAndAES
algorithms that aren't BouncyCastle.long
Total number of iterations to use when deciphering settings.Security provider to use when deciphering settings.getPsw()
Secret key/password to use when deciphering settings.Algorithm to use when deciphering settings.setInitializationVector
(Boolean initializationVector) An initialization vector is required forPBEWithDigestAndAES
algorithms that aren't BouncyCastle.setIterations
(long iterations) Total number of iterations to use when deciphering settings.setProvider
(String provider) Security provider to use when deciphering settings.Secret key/password to use when deciphering settings.
-
Constructor Details
-
StandaloneConfigurationSecurityProperties
public StandaloneConfigurationSecurityProperties()
-
-
Method Details
-
getAlg
Algorithm to use when deciphering settings. Default algorithm isPBEWithMD5AndTripleDES
. -
getProvider
Security provider to use when deciphering settings. Leave blank for Java,BC
for BouncyCastle. -
getIterations
public long getIterations()Total number of iterations to use when deciphering settings. Default value comes from Jasypt 1000 -
getPsw
Secret key/password to use when deciphering settings. -
getInitializationVector
An initialization vector is required forPBEWithDigestAndAES
algorithms that aren't BouncyCastle. Enabling an initialization vector will break passwords encrypted without one. Toggling this value will make pre-existing non-PBEWithDigestAndAES
encrypted passwords not work. For non-BouncyCastlePBEWithDigestAndAES
algorithms that require an initialization vector, one will be used regardless of this setting since backwards compatibility with existing passwords using those algorithms is not an issue (since they didn't work in previous CAS versions). The default value is false so as not to break existing encrypted passwords. In general the use of an initialization vector will increase the encrypted text's length. -
setAlg
Algorithm to use when deciphering settings. Default algorithm isPBEWithMD5AndTripleDES
.- Returns:
this
.
-
setProvider
Security provider to use when deciphering settings. Leave blank for Java,BC
for BouncyCastle.- Returns:
this
.
-
setIterations
Total number of iterations to use when deciphering settings. Default value comes from Jasypt 1000- Returns:
this
.
-
setPsw
Secret key/password to use when deciphering settings.- Returns:
this
.
-
setInitializationVector
public StandaloneConfigurationSecurityProperties setInitializationVector(Boolean initializationVector) An initialization vector is required forPBEWithDigestAndAES
algorithms that aren't BouncyCastle. Enabling an initialization vector will break passwords encrypted without one. Toggling this value will make pre-existing non-PBEWithDigestAndAES
encrypted passwords not work. For non-BouncyCastlePBEWithDigestAndAES
algorithms that require an initialization vector, one will be used regardless of this setting since backwards compatibility with existing passwords using those algorithms is not an issue (since they didn't work in previous CAS versions). The default value is false so as not to break existing encrypted passwords. In general the use of an initialization vector will increase the encrypted text's length.- Returns:
this
.
-