public class PKCS5S2PasswordStorageScheme extends PasswordStorageScheme<org.forgerock.opendj.server.config.server.Pkcs5s2PasswordStorageSchemeCfg>
Constructor and Description |
---|
`PKCS5S2PasswordStorageScheme()` Creates a new instance of this password storage scheme. |
Modifier and Type | Method and Description |
---|---|
`boolean` | `authPasswordMatches(org.forgerock.opendj.ldap.ByteSequence plaintextPassword, String authInfo, String authValue)` Indicates whether the provided plaintext password matches the encoded password using the authentication password syntax with the given authInfo and authValue components. |
`org.forgerock.opendj.ldap.ByteString` | `encodeAuthPassword(org.forgerock.opendj.ldap.ByteSequence plaintext)` Encodes the provided plaintext password for this storage scheme using the authentication password syntax defined in RFC 3112. |
`static String` | `encodeOffline(byte[] passwordBytes)` Generates an encoded password string from the given clear-text password. |
`org.forgerock.opendj.ldap.ByteString` | `encodePassword(org.forgerock.opendj.ldap.ByteSequence plaintext)` Encodes the provided plaintext password for this storage scheme, without the name of the associated scheme. |
`String` | `getAuthPasswordSchemeName()` Retrieves the scheme name that should be used with this password storage scheme when it is used in the context of the authentication password syntax. |
`String` | `getStorageSchemeName()` Retrieves the name of the password storage scheme provided by this handler. |
`void` | `initializePasswordStorageScheme(org.forgerock.opendj.server.config.server.Pkcs5s2PasswordStorageSchemeCfg configuration)` Initializes this password storage scheme handler based on the information in the provided configuration entry. |
`boolean` | `isStorageSchemeSecure()` Indicates whether this password storage scheme should be considered "secure". |
`boolean` | `passwordMatches(org.forgerock.opendj.ldap.ByteSequence plaintextPassword, org.forgerock.opendj.ldap.ByteSequence storedPassword)` Indicates whether the provided plaintext password included in a bind request matches the given stored value. |
`boolean` | `supportsAuthPasswordSyntax()` Indicates whether this password storage scheme supports the ability to interact with values using the authentication password syntax defined in RFC 3112. |
encodePasswordWithScheme, finalizePasswordStorageScheme, getAuthPasswordPlaintextValue, getPlaintextValue, isConfigurationAcceptable, isReversible
public PKCS5S2PasswordStorageScheme()

initializePasswordStorageScheme method.

public void initializePasswordStorageScheme(org.forgerock.opendj.server.config.server.Pkcs5s2PasswordStorageSchemeCfg configuration) throws InitializationException

PasswordStorageScheme
initializePasswordStorageScheme in class PasswordStorageScheme<org.forgerock.opendj.server.config.server.Pkcs5s2PasswordStorageSchemeCfg>

Parameters:
configuration - The configuration entry that contains the information to use to initialize this password storage scheme handler.

Throws:
InitializationException - If a problem occurs during initialization that is not related to the server configuration.

public String getStorageSchemeName()
PasswordStorageScheme
getStorageSchemeName in class PasswordStorageScheme<org.forgerock.opendj.server.config.server.Pkcs5s2PasswordStorageSchemeCfg>

public org.forgerock.opendj.ldap.ByteString encodePassword(org.forgerock.opendj.ldap.ByteSequence plaintext) throws DirectoryException

PasswordStorageScheme
encodePassword in class PasswordStorageScheme<org.forgerock.opendj.server.config.server.Pkcs5s2PasswordStorageSchemeCfg>

Parameters:
plaintext - The plaintext version of the password.

Throws:
DirectoryException - If a problem occurs while processing.

public boolean passwordMatches(org.forgerock.opendj.ldap.ByteSequence plaintextPassword, org.forgerock.opendj.ldap.ByteSequence storedPassword)
PasswordStorageScheme
passwordMatches in class PasswordStorageScheme<org.forgerock.opendj.server.config.server.Pkcs5s2PasswordStorageSchemeCfg>

Parameters:
plaintextPassword - The plaintext password provided by the user as part of a simple bind attempt.
storedPassword - The stored password to compare against the provided plaintext password.

Returns:
true if the provided plaintext password matches the provided stored password, or false if not.

public boolean supportsAuthPasswordSyntax()
PasswordStorageScheme
supportsAuthPasswordSyntax in class PasswordStorageScheme<org.forgerock.opendj.server.config.server.Pkcs5s2PasswordStorageSchemeCfg>

Returns:
true if this password storage scheme supports the ability to interact with values using the authentication password syntax, or false if it does not.

public String getAuthPasswordSchemeName()
PasswordStorageScheme
getStorageSchemeName method.
getAuthPasswordSchemeName in class PasswordStorageScheme<org.forgerock.opendj.server.config.server.Pkcs5s2PasswordStorageSchemeCfg>

public org.forgerock.opendj.ldap.ByteString encodeAuthPassword(org.forgerock.opendj.ldap.ByteSequence plaintext) throws DirectoryException

PasswordStorageScheme
encodeAuthPassword in class PasswordStorageScheme<org.forgerock.opendj.server.config.server.Pkcs5s2PasswordStorageSchemeCfg>

Parameters:
plaintext - The plaintext version of the password.

Throws:
DirectoryException - If a problem occurs while processing or if this storage scheme does not support the authentication password syntax.

public boolean authPasswordMatches(org.forgerock.opendj.ldap.ByteSequence plaintextPassword, String authInfo, String authValue)
PasswordStorageScheme
authPasswordMatches in class PasswordStorageScheme<org.forgerock.opendj.server.config.server.Pkcs5s2PasswordStorageSchemeCfg>

Parameters:
plaintextPassword - The plaintext password provided by the user.
authInfo - The authInfo component of the password encoded in the authentication password syntax.
authValue - The authValue component of the password encoded in the authentication password syntax.

Returns:
true if the provided plaintext password matches the encoded password according to the authentication password info syntax, or false if it does not or this storage scheme does not support the authentication password syntax.

public boolean isStorageSchemeSecure()
PasswordStorageScheme
isStorageSchemeSecure in class PasswordStorageScheme<org.forgerock.opendj.server.config.server.Pkcs5s2PasswordStorageSchemeCfg>

Returns:
false if it may be trivial to discover the original plain-text password from the encoded form, or true if the scheme offers sufficient protection that revealing the encoded password will not easily reveal the corresponding plain-text value.

public static String encodeOffline(byte[] passwordBytes) throws DirectoryException
Parameters:
passwordBytes - The bytes that make up the clear-text password.

Throws:
DirectoryException - If a problem occurs during processing.

Copyright © 2010-2017 ForgeRock AS. All Rights Reserved.