shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Les Hazlewood (JIRA)" <>
Subject [jira] Created: (SHIRO-176) AuthenticationInfo instances should be able to return stored salt
Date Wed, 16 Jun 2010 02:52:22 GMT
AuthenticationInfo instances should be able to return stored salt

                 Key: SHIRO-176
             Project: Shiro
          Issue Type: Improvement
    Affects Versions: 0.9-RC1, 0.9, 1.0.0, 1.0.1
            Reporter: Les Hazlewood
             Fix For: 1.1.0

When comparing credentials hashed with a salt, the salt value should be easily accessible
from the AuthenticationInfo instance.  Perhaps a new SaltedAuthenticationInfo interface should
be introduced (and have the UsernamePasswordToken implement this interface) in order to easily
acquire a salt.

Currently the HashedCredentialsMatcher attempts to acquire the salt from the AuthenticationToken.
 However, the large majority of the time, the salt will be stored with the AuthenticationInfo
and it should be possible to acquire it from that.

After adding the new interface, the HashedCredentialsMatcher will need a new method: getStoredCredentials(token,
authcInfo) or something similar.  The default implementation can simply call the existing
getCredentials(token) method by default to retain current behavior.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message