1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, 13 * software distributed under the License is distributed on an 14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 * KIND, either express or implied. See the License for the 16 * specific language governing permissions and limitations 17 * under the License. 18 */ 19 package org.apache.shiro.authc.credential; 20 21 import org.apache.shiro.crypto.hash.AbstractHash; 22 import org.apache.shiro.crypto.hash.Hash; 23 import org.apache.shiro.crypto.hash.Sha1Hash; 24 25 26 /** 27 * {@code HashedCredentialsMatcher} implementation that expects the stored {@code AuthenticationInfo} credentials to be 28 * SHA hashed. 29 * <p/> 30 * <b>Note:</b> <a href="http://en.wikipedia.org/wiki/MD5">MD5</a> and 31 * <a href="http://en.wikipedia.org/wiki/SHA_hash_functions">SHA-1</a> algorithms are now known to be vulnerable to 32 * compromise and/or collisions (read the linked pages for more). While most applications are ok with either of these 33 * two, if your application mandates high security, use the SHA-256 (or higher) hashing algorithms and their 34 * supporting <code>CredentialsMatcher</code> implementations.</p> 35 * 36 * @since 0.9 37 * @deprecated since 1.1 - use the HashedCredentialsMatcher directly and set its 38 * {@link HashedCredentialsMatcher#setHashAlgorithmName(String) hashAlgorithmName} property. 39 */ 40 public class Sha1CredentialsMatcher extends HashedCredentialsMatcher { 41 42 public Sha1CredentialsMatcher() { 43 super(); 44 setHashAlgorithmName(Sha1Hash.ALGORITHM_NAME); 45 } 46 }