org.apache.shiro.authc
Interface SaltedAuthenticationInfo

All Superinterfaces:
AuthenticationInfo, Serializable
All Known Implementing Classes:
SimpleAccount, SimpleAuthenticationInfo

public interface SaltedAuthenticationInfo
extends AuthenticationInfo

Interface representing account information that may use a salt when hashing credentials. This interface exists primarily to support environments that hash user credentials (e.g. passwords).

Salts should typically be generated from a secure pseudo-random number generator so they are effectively impossible to guess. The salt value should be safely stored along side the account information to ensure it is maintained along with the account's credentials.

This interface exists as a way for Shiro to acquire that salt so it can correctly perform credentials matching during login attempts. See the HashedCredentialsMatcher JavaDoc for more information on hashing credentials with salts.

Since:
1.1
See Also:
HashedCredentialsMatcher

Method Summary
 ByteSource getCredentialsSalt()
          Returns the salt used to salt the account's credentials or null if no salt was used.
 
Methods inherited from interface org.apache.shiro.authc.AuthenticationInfo
getCredentials, getPrincipals
 

Method Detail

getCredentialsSalt

ByteSource getCredentialsSalt()
Returns the salt used to salt the account's credentials or null if no salt was used.

Returns:
the salt used to salt the account's credentials or null if no salt was used.


Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.