@ThreadSafety(level=COMPLETELY_THREADSAFE) public final class ClearInMemoryPasswordEncoder extends InMemoryPasswordEncoder
Constructor and Description |
---|
ClearInMemoryPasswordEncoder(java.lang.String prefix,
PasswordEncoderOutputFormatter outputFormatter)
Creates a new instance of this in-memory directory server password encoder
with the provided information.
|
Modifier and Type | Method and Description |
---|---|
protected byte[] |
encodePassword(byte[] clearPassword,
ReadOnlyEntry userEntry,
java.util.List<Modification> modifications)
Encodes the provided clear-text password for storage in the in-memory
directory server.
|
protected void |
ensurePreEncodedPasswordAppearsValid(byte[] unPrefixedUnFormattedEncodedPasswordBytes,
ReadOnlyEntry userEntry,
java.util.List<Modification> modifications)
Verifies that the provided pre-encoded password (with the prefix removed
and any output formatting reverted) is compatible with the validation
performed by this password encoder.
|
protected byte[] |
extractClearPassword(byte[] unPrefixedUnFormattedEncodedPasswordBytes,
ReadOnlyEntry userEntry)
Attempts to extract the clear-text password used to generate the provided
encoded representation, if possible.
|
protected boolean |
passwordMatches(byte[] clearPasswordBytes,
byte[] unPrefixedUnFormattedEncodedPasswordBytes,
ReadOnlyEntry userEntry)
Indicates whether the provided clear-text password could have been used to
generate the given encoded password.
|
void |
toString(java.lang.StringBuilder buffer)
Appends a string representation of this password encoder to the provided
buffer.
|
clearPasswordMatchesEncodedPassword, encodePassword, ensurePreEncodedPasswordAppearsValid, extractClearPasswordFromEncodedPassword, getOutputFormatter, getPrefix, passwordStartsWithPrefix, toString
public ClearInMemoryPasswordEncoder(@NotNull java.lang.String prefix, @Nullable PasswordEncoderOutputFormatter outputFormatter)
prefix
- The string that will appear at the beginning of
encoded passwords. It must not be null
or
empty.outputFormatter
- The output formatter that will be used to format
the encoded representation of clear-text
passwords. It may be null
if no
special formatting should be applied to the raw
bytes.@NotNull protected byte[] encodePassword(@NotNull byte[] clearPassword, @NotNull ReadOnlyEntry userEntry, @NotNull java.util.List<Modification> modifications) throws LDAPException
encodePassword
in class InMemoryPasswordEncoder
clearPassword
- The bytes that comprise the clear-text password to
be encoded. It must not be null
or empty.userEntry
- The entry in which the encoded password will appear.
It must not be null
. If the entry is in the
process of being modified, then this will be a
representation of the entry as it appeared before
any changes have been applied.modifications
- A set of modifications to be applied to the user
entry. It must not be [@code null}. It will be an
empty list for entries created via LDAP add and LDIF
import operations. It will be a non-empty list for
LDAP modifications.LDAPException
- If a problem is encountered while trying to encode
the provided clear-text password.protected void ensurePreEncodedPasswordAppearsValid(@NotNull byte[] unPrefixedUnFormattedEncodedPasswordBytes, @NotNull ReadOnlyEntry userEntry, @NotNull java.util.List<Modification> modifications) throws LDAPException
true
if the provided
unPrefixedUnFormattedEncodedPasswordBytes
value could be used in
conjunction with the InMemoryPasswordEncoder.passwordMatches(byte[], byte[], com.unboundid.ldap.sdk.ReadOnlyEntry)
method, even if it does not
exactly match the format of the output that would have been generated by
the InMemoryPasswordEncoder.encodePassword(com.unboundid.asn1.ASN1OctetString, com.unboundid.ldap.sdk.ReadOnlyEntry, java.util.List<com.unboundid.ldap.sdk.Modification>)
method. For example, if this password encoder
uses a salt, then it may be desirable to accept passwords encoded with a
salt that has a different length than the encodePassword
method
would use when encoding a clear-test password. This may allow the
in-memory directory server to support pre-encoded passwords generated from
other types of directory servers that may use different settings when
encoding passwords, but still generates encoded passwords that are
compatible with this password encoder.ensurePreEncodedPasswordAppearsValid
in class InMemoryPasswordEncoder
unPrefixedUnFormattedEncodedPasswordBytes
- The bytes that comprise the pre-encoded password to validate,
with the prefix stripped off and the output formatting
reverted.userEntry
- The entry in which the password will appear. It must not be
null
. If the entry is in the process of being
modified, then this will be a representation of the entry
as it appeared before any changes have been applied.modifications
- A set of modifications to be applied to the user entry. It
must not be [@code null}. It will be an empty list for
entries created via LDAP add and LDIF import operations. It
will be a non-empty list for LDAP modifications.LDAPException
- If the provided encoded password is not compatible
with the validation performed by this password
encoder, or if a problem is encountered while
making the determination.protected boolean passwordMatches(@NotNull byte[] clearPasswordBytes, @NotNull byte[] unPrefixedUnFormattedEncodedPasswordBytes, @NotNull ReadOnlyEntry userEntry) throws LDAPException
passwordMatches
in class InMemoryPasswordEncoder
clearPasswordBytes
- The bytes that comprise the clear-text password to be
compared against the encoded password. It must not be
null
or empty.unPrefixedUnFormattedEncodedPasswordBytes
- The bytes that comprise the encoded password, with the prefix
stripped off and the output formatting reverted.userEntry
- The entry in which the encoded password appears. It must not
be null
.true
if the provided clear-text password could have been
used to generate the given encoded password, or false
if
not.LDAPException
- If a problem is encountered while attempting to
make the determination.@NotNull protected byte[] extractClearPassword(@NotNull byte[] unPrefixedUnFormattedEncodedPasswordBytes, @NotNull ReadOnlyEntry userEntry) throws LDAPException
extractClearPassword
in class InMemoryPasswordEncoder
unPrefixedUnFormattedEncodedPasswordBytes
- The bytes that comprise the encoded password, with the prefix
stripped off and the output formatting reverted.userEntry
- The entry in which the encoded password appears. It must not
be null
.LDAPException
- If this password encoder is not reversible, or if a
problem occurs while trying to extract the
clear-text representation from the provided encoded
password.public void toString(@NotNull java.lang.StringBuilder buffer)
toString
in class InMemoryPasswordEncoder
buffer
- The buffer to which the information should be appended.