AlgorithmUpgradeCredentialPasswordEncoder xref

View Javadoc

1   /* 
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8   *
9   *     http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */
17  package org.apache.jetspeed.security.spi;
18  
19  import org.apache.jetspeed.security.PasswordCredential;
20  import org.apache.jetspeed.security.SecurityException;
21  import org.apache.jetspeed.security.om.InternalCredential;
22  
23  /***
24   * <p>
25   * AlgorithmUpgradeCredentialPasswordEncoder which is provided with the InternalCredential as well
26   * to allow for migrating between two different encoding schemes.
27   * </p>
28   * <p>
29   * The extended encode method is *only* called in the context of validating an existing (old) password,
30   * and not used for creating or updating to a new password directl!
31   * </p>
32   * <p>
33   * After successfull authentication, the recodeIfNeeded method will be called allowing to migrate to the new encryption scheme.
34   * </p>
35   * 
36   * @author <a href="mailto:ate@douma.nu">Ate Douma</a>
37   * @version $Id$
38   */
39  public interface AlgorithmUpgradeCredentialPasswordEncoder extends CredentialPasswordEncoder
40  {
41      String encode(String userName, String clearTextPassword, InternalCredential credential) throws SecurityException;
42      void recodeIfNeeded(String userName, String clearTextPassword, InternalCredential credential) throws SecurityException;
43      boolean usesOldEncodingAlgorithm(PasswordCredential credential);
44  }