Fish & Chips Club 4.10.0.0

hirondelle.fish.access.user
Class User

Object
  extended by hirondelle.fish.access.user.User

public final class User
extends Object

User for the Fish and Chips Club.

When first added, the User has a fixed, inconvenient password, which they are encouraged to change. This is not enforced by the application, however.

The password is "hashed". A one-way hash function ensures the password is NOT stored in cleartext. When the container enforces a security-constraint defined in web.xml, the container must be instructed to call the exact same hash function (SHA-1), in order to match the database.

Performing the hash here, instead of in the database, provides independence from database implementations of hash functions (or lack thereof).

Note that a one-way hash function is used here, NOT an encryption function: encrypted items are ultimately intended for decryption. Here, no decryption is ever attempted. In fact, the whole point of using a hash function is that it is nearly impossible to deduce the password from the hashed value itself.
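
The matching requirement described above, shown as an added example that is not part of the Fish & Chips Club source: the application and the container must agree on the algorithm and also on the byte encoding and hex form of the digest. The class name, helper names, the UTF-8 and lowercase-hex choices, and the sample password are assumptions made for illustration.

```java
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

/** Added illustration only; not part of the Fish & Chips Club source. */
public final class PasswordHashDemo {

  /** SHA-1 of the password bytes in the given charset, as lowercase hex. */
  static String sha1Hex(String aClearText, Charset aCharset) {
    try {
      MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
      byte[] digest = sha1.digest(aClearText.getBytes(aCharset));
      StringBuilder hex = new StringBuilder(digest.length * 2);
      for (byte b : digest) {
        hex.append(String.format("%02x", b & 0xff));
      }
      return hex.toString();
    }
    catch (NoSuchAlgorithmException ex) {
      // Every Java platform implementation is required to provide SHA-1.
      throw new IllegalStateException(ex);
    }
  }

  /** Compare two hex digests with MessageDigest.isEqual rather than String.equals. */
  static boolean sameHash(String aStored, String aComputed) {
    return MessageDigest.isEqual(
      aStored.getBytes(StandardCharsets.US_ASCII),
      aComputed.getBytes(StandardCharsets.US_ASCII)
    );
  }

  public static void main(String... aArgs) {
    String password = "constructed-p\u00e4ssword-example"; // constructed sample value
    // Written to the database by the application (UTF-8 is an assumption).
    String stored = sha1Hex(password, StandardCharsets.UTF_8);
    // Computed at login by a container configured the same way: match.
    String sameConfig = sha1Hex(password, StandardCharsets.UTF_8);
    // Same algorithm, different charset or hex case: no match, login fails.
    String otherCharset = sha1Hex(password, StandardCharsets.ISO_8859_1);
    String upperHex = sameConfig.toUpperCase();
    System.out.println("same config:    " + sameHash(stored, sameConfig));
    System.out.println("other charset:  " + sameHash(stored, otherCharset));
    System.out.println("upper-case hex: " + sameHash(stored, upperHex));
  }
}
```

Because the digest is unsalted and deterministic, every account still holding the fixed initial password stores the same hash, so a check such as isResetValue() can work by comparing hashes; it also means equal passwords appear as equal values in the database.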


Constructor Summary
User(SafeText aName, SafeText aHashedPassword)
          Constructor taking a password that is already hashed.
 
Method Summary
 boolean equals(Object aThat)
           
static User forNewUserOrPasswordReset(SafeText aName)
          Factory method for a new User, with a fixed, initial password.
static User forPasswordChange(SafeText aName, SafeText aClearTextPassword)
          Factory method for a new User, reflecting a new password.
 SafeText getName()
          Return the user name passed to the constructor.
 SafeText getPassword()
          Return the hashed password (never cleartext).
 int hashCode()
           
 boolean isResetValue()
          Return true only if the password matches the initial, reset value.
 String toString()
          Intended for debugging only.
 
Methods inherited from class Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

User

public User(SafeText aName,
            SafeText aHashedPassword)
     throws ModelCtorException
Constructor taking a password that is already hashed.

This constructor is used when retrieving from the database, where passwords are already stored in a hashed form.

Parameters:
aName - user name (required), 6..50 characters, no spaces.
aHashedPassword - hashed user password (required), 6..50 characters, no spaces, and never the same as the user name.
Throws:
ModelCtorException

Method Detail

forNewUserOrPasswordReset

public static User forNewUserOrPasswordReset(SafeText aName)
                                      throws ModelCtorException
Factory method for a new User, with a fixed, initial password.

In this implementation, the initial password is very long, and thus inconvenient to use. New users are encouraged to change it immediately, upon first use. This is not enforced, however.

Throws:
ModelCtorException

forPasswordChange

public static User forPasswordChange(SafeText aName,
                                     SafeText aClearTextPassword)
                              throws ModelCtorException
Factory method for a new User, reflecting a new password.

The arguments must pass the same constraints as User(SafeText, SafeText).

Throws:
ModelCtorException

getName

public SafeText getName()
Return the user name passed to the constructor.


getPassword

public SafeText getPassword()
Return the hashed password (never cleartext).


isResetValue

public boolean isResetValue()
Return true only if the password matches the initial, reset value.

Passwords which match the initial, reset value should be changed by the end user.


toString

public String toString()
Intended for debugging only. The return value will mask the password.

Overrides:
toString in class Object

equals

public boolean equals(Object aThat)
Overrides:
equals in class Object

hashCode

public int hashCode()
Overrides:
hashCode in class Object

Copyright Hirondelle Systems - Generated 2013Oct19.12.26