hirondelle.predict.pub.register
Class PasswordHasher
Object
hirondelle.predict.pub.register.PasswordHasher
public final class PasswordHasher
- extends Object
Hash passwords.
A hash function is a one-way function that returns text that is difficult to reverse.
A hash function is not an encryption, since the hashed value is never meant to be decrypted.
It is recommended that a random-but-fixed 'salt' value be added to a password before it
is hashed. That is not done here, but only because
Tomcat's implementation of form-based login allows for hashes, but not for salt values.
Passwords should never be stored in cleartext.
All user passwords will pass through this class before they are stored in the database.
As well, when the user logs in, the submitted password is first hashed (again, using this class)
before the comparison with the stored value is made.
Method Summary |
static String |
hash(String aCleartextPassword)
Return text of fixed length, representing a hash of a cleartext password. |
Methods inherited from class Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
PasswordHasher
public PasswordHasher()
hash
public static String hash(String aCleartextPassword)
- Return text of fixed length, representing a hash of a cleartext password.
Copyright Hirondelle Systems - Generated 2013Oct19.12.27