public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { PasswordService service = ensurePasswordService(); Object submittedPassword = getSubmittedPassword(token); Object storedCredentials = getStoredPassword(info); assertStoredCredentialsType(storedCredentials); if (storedCredentials instanceof Hash) { Hash hashedPassword = (Hash)storedCredentials; HashingPasswordService hashingService = assertHashingPasswordService(service); return hashingService.passwordsMatch(submittedPassword, hashedPassword); } //otherwise they are a String (asserted in the 'assertStoredCredentialsType' method call above): String formatted = (String)storedCredentials; return passwordService.passwordsMatch(submittedPassword, formatted); }
/** * Builds the authentication info. * * @param token * the token * @param principal * the principal * @return the authentication info */ private AuthenticationInfo buildAuthenticationInfo(final UsernamePasswordToken token, final Object principal) { AuthenticationInfo authenticationInfo; final HashingPasswordService hashService = this.getHashService(); if (hashService != null) { final Hash hash = hashService.hashPassword(token.getPassword()); final ByteSource salt = hash.getSalt(); authenticationInfo = new SimpleAuthenticationInfo(principal, hash, salt, AbstractWaffleRealm.REALM_NAME); } else { final Object creds = token.getCredentials(); authenticationInfo = new SimpleAuthenticationInfo(principal, creds, AbstractWaffleRealm.REALM_NAME); } return authenticationInfo; }
/** * Builds the authentication info. * * @param token * the token * @param principal * the principal * @return the authentication info */ private AuthenticationInfo buildAuthenticationInfo(final UsernamePasswordToken token, final Object principal) { AuthenticationInfo authenticationInfo; final HashingPasswordService hashService = this.getHashService(); if (hashService != null) { final Hash hash = hashService.hashPassword(token.getPassword()); final ByteSource salt = hash.getSalt(); authenticationInfo = new SimpleAuthenticationInfo(principal, hash, salt, AbstractWaffleRealm.REALM_NAME); } else { final Object creds = token.getCredentials(); authenticationInfo = new SimpleAuthenticationInfo(principal, creds, AbstractWaffleRealm.REALM_NAME); } return authenticationInfo; }
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { PasswordService service = ensurePasswordService(); Object submittedPassword = getSubmittedPassword(token); Object storedCredentials = getStoredPassword(info); assertStoredCredentialsType(storedCredentials); if (storedCredentials instanceof Hash) { Hash hashedPassword = (Hash)storedCredentials; HashingPasswordService hashingService = assertHashingPasswordService(service); return hashingService.passwordsMatch(submittedPassword, hashedPassword); } //otherwise they are a String (asserted in the 'assertStoredCredentialsType' method call above): String formatted = (String)storedCredentials; return passwordService.passwordsMatch(submittedPassword, formatted); }