Hash the provided {@code token}'s credentials using the salt stored with the account if the
{@code info} instance is an {@code instanceof} {@link SaltedAuthenticationInfo SaltedAuthenticationInfo} (see
the class-level JavaDoc for why this is the preferred approach).
<p/>
If the {@code info} instance is <em>not</em>
an {@code instanceof} {@code SaltedAuthenticationInfo}, the logic will fall back to Shiro 1.0
backwards-compatible logic: it will first check to see {@link #isHashSalted() isHashSalted} and if so, will try
to acquire the salt from {@link #getSalt(AuthenticationToken) getSalt(AuthenticationToken)}. See the class-level
JavaDoc for why this is not recommended. This 'fallback' logic exists only for backwards-compatibility.
{@code Realm}s should be updated as soon as possible to return {@code SaltedAuthenticationInfo} instances
if account credentials salting is enabled (highly recommended for password-based systems).
@param token the submitted authentication token from which its credentials will be hashed
@param info the stored account data, potentially used to acquire a salt
@return the token credentials hash
@since 1.1
Hash the provided {@code token}'s credentials using the salt stored with the account if the {@code info} instance is an {@code instanceof} {@link SaltedAuthenticationInfo SaltedAuthenticationInfo} (see the class-level JavaDoc for why this is the preferred approach). <p/> If the {@code info} instance is <em>not</em> an {@code instanceof} {@code SaltedAuthenticationInfo}, the logic will fall back to Shiro 1.0 backwards-compatible logic: it will first check to see {@link #isHashSalted() isHashSalted} and if so, will try to acquire the salt from {@link #getSalt(AuthenticationToken) getSalt(AuthenticationToken)}. See the class-level JavaDoc for why this is not recommended. This 'fallback' logic exists only for backwards-compatibility. {@code Realm}s should be updated as soon as possible to return {@code SaltedAuthenticationInfo} instances if account credentials salting is enabled (highly recommended for password-based systems).
@param token the submitted authentication token from which its credentials will be hashed @param info the stored account data, potentially used to acquire a salt @return the token credentials hash @since 1.1