org.apache.shiro.authc
Interface SaltedAuthenticationInfo
- All Superinterfaces:
- AuthenticationInfo, Serializable
- All Known Implementing Classes:
- SimpleAccount, SimpleAuthenticationInfo
public interface SaltedAuthenticationInfo
- extends AuthenticationInfo
Interface representing account information that may use a salt when hashing credentials. This interface
exists primarily to support environments that hash user credentials (e.g. passwords).
Salts should typically be generated from a secure pseudo-random number generator so they are effectively
impossible to guess. The salt value should be safely stored along side the account information to ensure
it is maintained along with the account's credentials.
This interface exists as a way for Shiro to acquire that salt so it can correctly perform
credentials matching
during login attempts.
See the HashedCredentialsMatcher
JavaDoc for
more information on hashing credentials with salts.
- Since:
- 1.1
- See Also:
HashedCredentialsMatcher
getCredentialsSalt
ByteSource getCredentialsSalt()
- Returns the salt used to salt the account's credentials or
null
if no salt was used.
- Returns:
- the salt used to salt the account's credentials or
null
if no salt was used.
Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.