Hashes the specified plaintext password using internal hashing configuration settings pertinent to password hashing. <p/> Note that this method is only likely to be used in more complex environments that wish to format and/or save the returned {@code Hash} object in a custom manner. Most applications will find the {@link #encryptPassword(Object) encryptPassword} method suitable enough for safety and ease-of-use. <h3>Usage</h3> The input argument type can be any 'byte backed' {@code Object} - almost always either a string or character array representing passwords (character arrays are often a safer way to represent passwords as they can be cleared/nulled-out after use. Any argument type supported by {@link ByteSourceUtil#isCompatible(Object)} is valid. <p/> Regardless of your choice of using Strings or character arrays to represent submitted passwords, you can wrap either as a {@code ByteSource} by using {@link ByteSourceUtil}, for example, when the passwords are captured as Strings: <pre> ByteSource passwordBytes = ByteSourceUtil.bytes(submittedPasswordString); Hash hashedPassword = hashingPasswordService.hashPassword(passwordBytes); </pre> or, identically, when captured as a character array: <pre> ByteSource passwordBytes = ByteSourceUtil.bytes(submittedPasswordCharacterArray); Hash hashedPassword = hashingPasswordService.hashPassword(passwordBytes); </pre>
Returns {@code true} if the {@code submittedPlaintext} password matches the existing {@code savedPasswordHash}, {@code false} otherwise. Note that this method is only likely to be used in more complex environments that save hashes in a custom manner. Most applications will find the {@link #passwordsMatch(Object, string) passwordsMatch(plaintext,string)} method sufficient if {@link #encryptPassword(Object) encrypting passwords as Strings}. <h3>Usage</h3> The {@code submittedPlaintext} argument type can be any 'byte backed' {@code Object} - almost always either a string or character array representing passwords (character arrays are often a safer way to represent passwords as they can be cleared/nulled-out after use. Any argument type supported by {@link ByteSourceUtil#isCompatible(Object)} is valid.
Converts the specified plaintext password (usually acquired from your application's 'new user' or 'password reset' workflow) into a formatted string safe for storage. The returned string can be safely saved with the corresponding user account record (e.g. as a 'password' attribute). <p/> It is expected that the string returned from this method will be presented to the {@link #passwordsMatch(Object, string) passwordsMatch(plaintext,encrypted)} method when performing a password comparison check. <h3>Usage</h3> The input argument type can be any 'byte backed' {@code Object} - almost always either a string or character array representing passwords (character arrays are often a safer way to represent passwords as they can be cleared/nulled-out after use. Any argument type supported by {@link ByteSourceUtil#isCompatible(Object)} is valid. <p/> For example: <pre> string rawPassword = ... string encryptedValue = passwordService.encryptPassword(rawPassword); </pre> or, identically: <pre> char[] rawPasswordChars = ... string encryptedValue = passwordService.encryptPassword(rawPasswordChars); </pre> <p/> The resulting {@code encryptedValue} should be stored with the account to be retrieved later during a login attempt. For example: <pre> string encryptedValue = passwordService.encryptPassword(rawPassword); ... userAccount.setPassword(encryptedValue); userAccount.save(); //create or update to your data store </pre>
Returns {@code true} if the {@code submittedPlaintext} password matches the existing {@code saved} password, {@code false} otherwise. <h3>Usage</h3> The {@code submittedPlaintext} argument type can be any 'byte backed' {@code Object} - almost always either a string or character array representing passwords (character arrays are often a safer way to represent passwords as they can be cleared/nulled-out after use. Any argument type supported by {@link ByteSourceUtil#isCompatible(Object)} is valid. <p/> For example: <pre> string submittedPassword = ... passwordService.passwordsMatch(submittedPassword, encryptedPassword); </pre> or similarly: <pre> char[] submittedPasswordCharacters = ... passwordService.passwordsMatch(submittedPasswordCharacters, encryptedPassword); </pre>
A {@code HashingPasswordService} is a {@link PasswordService} that performs password encryption and comparisons based on cryptographic {@link Hash}es.