public boolean isPasswordValid(String encPass, String rawPass, Object salt) throws DataAccessException { if (isPasswordHashed(encPass)) { return JBCRYPT_ENCODER.isPasswordValid(encPass.substring(JBCRYPT_HEADER.length()), rawPass, salt); } else { return CLASSIC.isPasswordValid(encPass, rawPass, salt); } }
/** * Creates a new user account by registering a JBCrypt Hashed password with the user. * * @param userName The user's name * @param hashedPassword A hashed password, must begin with <code>#jbcrypt:</code> */ public User createAccountWithHashedPassword(String userName, String hashedPassword) throws IOException { if (!PASSWORD_ENCODER.isPasswordHashed(hashedPassword)) { throw new IllegalArgumentException("this method should only be called with a pre-hashed password"); } User user = User.getById(userName, true); user.addProperty(Details.fromHashedPassword(hashedPassword)); SecurityListener.fireUserCreated(user.getId()); return user; }