Hashes the specified plaintext password using internal hashing configuration settings pertinent to password
hashing.
<p/>
Note
that this method is only likely to be used in more complex environments that wish to format and/or save the
returned {@code Hash} object in a custom manner. Most applications will find the
{@link #encryptPassword(Object) encryptPassword} method suitable enough for safety
and ease-of-use.
<h3>Usage</h3>
The input argument type can be any 'byte backed' {@code Object} - almost always either a
string or character array representing passwords (character arrays are often a safer way to represent passwords
as they can be cleared/nulled-out after use. Any argument type supported by
{@link ByteSourceUtil#isCompatible(Object)} is valid.
<p/>
Regardless of your choice of using Strings or character arrays to represent submitted passwords, you can wrap
either as a {@code ByteSource} by using {@link ByteSourceUtil}, for example, when the passwords are captured as
Strings:
<pre>
ByteSource passwordBytes = ByteSourceUtil.bytes(submittedPasswordString);
Hash hashedPassword = hashingPasswordService.hashPassword(passwordBytes);
</pre>
or, identically, when captured as a character array:
<pre>
ByteSource passwordBytes = ByteSourceUtil.bytes(submittedPasswordCharacterArray);
Hash hashedPassword = hashingPasswordService.hashPassword(passwordBytes);
</pre>
@param plaintext the raw password as 'byte-backed' object (string, character array, {@link ByteSource},
etc) usually acquired from your application's 'new user' or 'password reset' workflow.
@return the hashed password.
@throws IllegalArgumentException if the argument cannot be easily converted to bytes as defined by
{@link ByteSourceUtil#isCompatible(Object)}.
@see ByteSourceUtil#isCompatible(Object)
@see #encryptPassword(Object)
Hashes the specified plaintext password using internal hashing configuration settings pertinent to password hashing. <p/> Note that this method is only likely to be used in more complex environments that wish to format and/or save the returned {@code Hash} object in a custom manner. Most applications will find the {@link #encryptPassword(Object) encryptPassword} method suitable enough for safety and ease-of-use. <h3>Usage</h3> The input argument type can be any 'byte backed' {@code Object} - almost always either a string or character array representing passwords (character arrays are often a safer way to represent passwords as they can be cleared/nulled-out after use. Any argument type supported by {@link ByteSourceUtil#isCompatible(Object)} is valid. <p/> Regardless of your choice of using Strings or character arrays to represent submitted passwords, you can wrap either as a {@code ByteSource} by using {@link ByteSourceUtil}, for example, when the passwords are captured as Strings: <pre> ByteSource passwordBytes = ByteSourceUtil.bytes(submittedPasswordString); Hash hashedPassword = hashingPasswordService.hashPassword(passwordBytes); </pre> or, identically, when captured as a character array: <pre> ByteSource passwordBytes = ByteSourceUtil.bytes(submittedPasswordCharacterArray); Hash hashedPassword = hashingPasswordService.hashPassword(passwordBytes); </pre>
@param plaintext the raw password as 'byte-backed' object (string, character array, {@link ByteSource}, etc) usually acquired from your application's 'new user' or 'password reset' workflow. @return the hashed password. @throws IllegalArgumentException if the argument cannot be easily converted to bytes as defined by {@link ByteSourceUtil#isCompatible(Object)}. @see ByteSourceUtil#isCompatible(Object) @see #encryptPassword(Object)