Package org.opencms.security
Class CmsDefaultPasswordHandler
- java.lang.Object
  - org.opencms.security.CmsDefaultPasswordHandler
- All Implemented Interfaces:
I_CmsConfigurationParameterHandler, I_CmsPasswordGenerator, I_CmsPasswordHandler, I_CmsPasswordSecurityEvaluator
- Direct Known Subclasses:
CmsAdvancedPasswordHandler
public class CmsDefaultPasswordHandler extends java.lang.Object implements I_CmsPasswordHandler, I_CmsPasswordSecurityEvaluator, I_CmsPasswordGenerator
Default implementation for OpenCms password validation, just checks if a password is at least 4 characters long.
- Since:
6.0.0
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.opencms.security.I_CmsPasswordSecurityEvaluator
I_CmsPasswordSecurityEvaluator.SecurityLevel
-
Field Summary
Fields
Modifier and Type | Field | Description
static java.lang.String | PARAM_SCRYPT_FALLBACK | Parameter for SCrypt fall back.
static java.lang.String | PARAM_SCRYPT_SETTINGS | Parameter for SCrypt settings.
static int | PASSWORD_MIN_LENGTH | The minimum length of a password.
static int | PASSWORD_SECURE_LENGTH | The password length that is considered to be secure.
-
Fields inherited from interface org.opencms.configuration.I_CmsConfigurationParameterHandler
ADD_PARAMETER_METHOD, INIT_CONFIGURATION_METHOD
-
Fields inherited from interface org.opencms.security.I_CmsPasswordHandler
CONVERT_DIGEST_ENCODING, DIGEST_TYPE_MD5, DIGEST_TYPE_PLAIN, DIGEST_TYPE_SCRYPT, DIGEST_TYPE_SHA, DIGEST_TYPE_SSHA
-
Constructor Summary
Constructors
Constructor | Description
CmsDefaultPasswordHandler() | The constructor does not perform any operation.
-
Method Summary
Modifier and Type | Method | Description
void | addConfigurationParameter(java.lang.String paramName, java.lang.String paramValue) | Adds a configuration parameter to this parameter configurable class instance.
boolean | checkPassword(java.lang.String plainPassword, java.lang.String digestedPassword, boolean useFallback) | This method checks if the given plain text password is equal to the given digested password.
java.lang.String | digest(java.lang.String password) | Creates an OpenCms password digest according to the default setting for method/encodings.
java.lang.String | digest(java.lang.String password, java.lang.String digestType, java.lang.String inputEncoding) | Creates an OpenCms password digest.
I_CmsPasswordSecurityEvaluator.SecurityLevel | evaluatePasswordSecurity(java.lang.String password) | Evaluates the given password security.
CmsParameterConfiguration | getConfiguration() | Returns the parameters of this configurable class instance, or null if the class does not need any parameters.
java.lang.String | getDigestType() | Returns the digestType.
java.lang.String | getInputEncoding() | Returns the input encoding.
java.lang.String | getPasswordSecurityHint(java.util.Locale locale) | Returns a hint describing how to set a secure password.
java.lang.String | getRandomPassword() | Returns random password.
void | initConfiguration() | Initializes a configuration after all parameters have been added.
void | setDigestType(java.lang.String digestType) | Sets the digestType.
void | setInputEncoding(java.lang.String inputEncoding) | Sets the input encoding.
void | validatePassword(java.lang.String password) | This method checks if a new password follows the rules for new passwords, which are defined by a Class configured in the opencms.properties file.
-
Field Detail
-
PARAM_SCRYPT_FALLBACK
public static java.lang.String PARAM_SCRYPT_FALLBACK
Parameter for SCrypt fall back.
-
PARAM_SCRYPT_SETTINGS
public static java.lang.String PARAM_SCRYPT_SETTINGS
Parameter for SCrypt settings.
-
PASSWORD_MIN_LENGTH
public static final int PASSWORD_MIN_LENGTH
The minimum length of a password.
- See Also:
Constant Field Values
-
PASSWORD_SECURE_LENGTH
public static final int PASSWORD_SECURE_LENGTH
The password length that is considered to be secure.
- See Also:
Constant Field Values
-
Constructor Detail
-
CmsDefaultPasswordHandler
public CmsDefaultPasswordHandler()
The constructor does not perform any operation.
-
Method Detail
-
addConfigurationParameter
public void addConfigurationParameter(java.lang.String paramName, java.lang.String paramValue)
Description copied from interface: I_CmsConfigurationParameterHandler
Adds a configuration parameter to this parameter configurable class instance.
- Specified by:
addConfigurationParameter in interface I_CmsConfigurationParameterHandler
- Parameters:
paramName - the name of the parameter
paramValue - the value for the parameter
- See Also:
I_CmsConfigurationParameterHandler.addConfigurationParameter(java.lang.String, java.lang.String)
-
checkPassword
public boolean checkPassword(java.lang.String plainPassword, java.lang.String digestedPassword, boolean useFallback)
Description copied from interface: I_CmsPasswordHandler
This method checks if the given plain text password is equal to the given digested password.
Use this to check salted passwords. If the password is salted, it needs to be checked with the salt (and possibly other parameters) stored in the digested password. Just digesting the password again and comparing the result to a previous digest won't work because the salt will usually be different.
- Specified by:
checkPassword in interface I_CmsPasswordHandler
- Parameters:
plainPassword - the plain text password to check
digestedPassword - the digested password to compare with the plain password
useFallback - if true, then use a fall back hashing algorithm in case first validation fails
- Returns:
false if the validation of the password failed
- See Also:
I_CmsPasswordHandler.checkPassword(String, String, boolean)
-
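The salted check that the checkPassword description calls for, as an added example that is not OpenCms code. It uses only the JDK: PBKDF2 stands in for SCrypt (which the JDK does not ship), and the class name SaltedDigestDemo, the iteration count and the "iterations:salt:hash" storage format are assumptions made for the illustration.

```java
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Added illustration; not OpenCms code. PBKDF2 (in the JDK) stands in for SCrypt,
// and the "iterations:salt:hash" storage format is an assumption made for this demo.
public class SaltedDigestDemo {
    private static final int ITERATIONS = 210_000; // assumed work factor

    static byte[] derive(char[] password, byte[] salt, int iterations) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, iterations, 256);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    }

    // Every call draws a fresh random salt, so two digests of one password differ.
    static String digest(String password) throws Exception {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        Base64.Encoder b64 = Base64.getEncoder();
        return ITERATIONS + ":" + b64.encodeToString(salt) + ":"
            + b64.encodeToString(derive(password.toCharArray(), salt, ITERATIONS));
    }

    // Re-derive with the salt and cost stored in the digest, then compare in constant time.
    static boolean checkPassword(String plain, String stored) throws Exception {
        String[] parts = stored.split(":");
        if (parts.length != 3) {
            return false; // malformed digest: fail closed
        }
        try {
            int iterations = Integer.parseInt(parts[0]);
            byte[] salt = Base64.getDecoder().decode(parts[1]);
            byte[] expected = Base64.getDecoder().decode(parts[2]);
            return MessageDigest.isEqual(expected, derive(plain.toCharArray(), salt, iterations));
        } catch (IllegalArgumentException e) {
            return false; // bad number, bad Base64, empty salt or non-positive cost
        }
    }

    public static void main(String[] args) throws Exception {
        String stored = digest("correct horse battery staple"); // constructed sample password
        System.out.println(stored.equals(digest("correct horse battery staple"))); // naive re-digest compare
        System.out.println(checkPassword("correct horse battery staple", stored)); // salt-aware check
        System.out.println(checkPassword("wrong guess", stored));
    }
}
```

The first line printed comes from the naive comparison of two fresh digests of the same password; the other two come from the salt-aware check against the stored digest.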
digest
public java.lang.String digest(java.lang.String password) throws CmsPasswordEncryptionException
Description copied from interface: I_CmsPasswordHandler
Creates an OpenCms password digest according to the default setting for method/encodings.
- Specified by:
digest in interface I_CmsPasswordHandler
- Parameters:
password - the password to encrypt
- Returns:
the password digest
- Throws:
CmsPasswordEncryptionException - if something goes wrong
- See Also:
I_CmsPasswordHandler.digest(java.lang.String)
-
digest
public java.lang.String digest(java.lang.String password, java.lang.String digestType, java.lang.String inputEncoding) throws CmsPasswordEncryptionException
Description copied from interface: I_CmsPasswordHandler
Creates an OpenCms password digest.
- Specified by:
digest in interface I_CmsPasswordHandler
- Parameters:
password - the password to encrypt
digestType - the algorithm used for encryption (e.g. MD5, SHA ...)
inputEncoding - the encoding used when converting the password to bytes (e.g. UTF-8)
- Returns:
the password digest
- Throws:
CmsPasswordEncryptionException - if something goes wrong
- See Also:
I_CmsPasswordHandler.digest(java.lang.String, java.lang.String, java.lang.String)
-
evaluatePasswordSecurity
public I_CmsPasswordSecurityEvaluator.SecurityLevel evaluatePasswordSecurity(java.lang.String password)
Description copied from interface: I_CmsPasswordSecurityEvaluator
Evaluates the given password security.
- Specified by:
evaluatePasswordSecurity in interface I_CmsPasswordSecurityEvaluator
- Parameters:
password - the password
- Returns:
the security level as a number between 0 and 1, 0 meaning a low security and 1 a strong security
- See Also:
I_CmsPasswordSecurityEvaluator.evaluatePasswordSecurity(java.lang.String)
-
getConfiguration
public CmsParameterConfiguration getConfiguration()
Description copied from interface: I_CmsConfigurationParameterHandler
Returns the parameters of this configurable class instance, or null if the class does not need any parameters.
- Specified by:
getConfiguration in interface I_CmsConfigurationParameterHandler
- Returns:
the parameters of this configurable class instance, or null if the class does not need any parameters
- See Also:
I_CmsConfigurationParameterHandler.getConfiguration()
-
getDigestType
public java.lang.String getDigestType()
Returns the digestType.
- Specified by:
getDigestType in interface I_CmsPasswordHandler
- Returns:
the digestType
-
getInputEncoding
public java.lang.String getInputEncoding()
Returns the input encoding.
- Specified by:
getInputEncoding in interface I_CmsPasswordHandler
- Returns:
the input encoding
-
getPasswordSecurityHint
public java.lang.String getPasswordSecurityHint(java.util.Locale locale)
Description copied from interface: I_CmsPasswordSecurityEvaluator
Returns a hint describing how to set a secure password.
- Specified by:
getPasswordSecurityHint in interface I_CmsPasswordSecurityEvaluator
- Parameters:
locale - the locale
- Returns:
the password security hint
- See Also:
I_CmsPasswordSecurityEvaluator.getPasswordSecurityHint(java.util.Locale)
-
getRandomPassword
public java.lang.String getRandomPassword()
Description copied from interface: I_CmsPasswordGenerator
Returns random password.
- Specified by:
getRandomPassword in interface I_CmsPasswordGenerator
- Returns:
- See Also:
I_CmsPasswordGenerator.getRandomPassword()
-
initConfiguration
public void initConfiguration()
Description copied from interface: I_CmsConfigurationParameterHandler
Initializes a configuration after all parameters have been added.
- Specified by:
initConfiguration in interface I_CmsConfigurationParameterHandler
- See Also:
I_CmsConfigurationParameterHandler.initConfiguration()
-
setDigestType
public void setDigestType(java.lang.String digestType)
Sets the digestType.
- Specified by:
setDigestType in interface I_CmsPasswordHandler
- Parameters:
digestType - the digestType to set
-
setInputEncoding
public void setInputEncoding(java.lang.String inputEncoding)
Sets the input encoding.
- Specified by:
setInputEncoding in interface I_CmsPasswordHandler
- Parameters:
inputEncoding - the input encoding to set
-
validatePassword
public void validatePassword(java.lang.String password) throws CmsSecurityException
Description copied from interface: I_CmsPasswordHandler
This method checks if a new password follows the rules for new passwords, which are defined by a Class configured in the opencms.properties file.
If this method throws no exception the password is valid.
- Specified by:
validatePassword in interface I_CmsPasswordHandler
- Parameters:
password - the password to check
- Throws:
CmsSecurityException - if validation of the password failed
- See Also:
I_CmsPasswordHandler.validatePassword(java.lang.String)
-