public final class StandardPasswordEncoder extends Object implements PasswordEncoder
PasswordEncoder implementation that uses SHA-256 hashing with 1024 iterations and a
random 8-byte salt value. It uses an additional system-wide secret value to provide additional protection.
The digest algorithm is invoked on the concatenated bytes of the salt, secret and password.
If you are developing a new system, BCryptPasswordEncoder is
a better choice both in terms of security and interoperability with other languages.
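The construction in the class description above, written against the plain JDK as an added example (not Spring Security's own code). The class name SaltedSha256Sketch, the hex(salt || digest) storage layout, and chaining the 1024 iterations by re-hashing the previous digest are assumptions of this sketch; HexFormat requires Java 17.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.HexFormat;

// Added illustration of the scheme described above; not Spring Security's source code.
public class SaltedSha256Sketch {
    private static final int ITERATIONS = 1024; // iteration count from the class description
    private static final int SALT_LEN = 8;      // 8-byte random salt
    private final byte[] secret;                // system-wide secret (empty if none)
    public SaltedSha256Sketch(String secret) {
        this.secret = secret.getBytes(StandardCharsets.UTF_8);
    }
    // Assumed storage layout: hex(salt || digest), so the salt is stored with the hash.
    public String encode(CharSequence rawPassword) throws Exception {
        byte[] salt = new byte[SALT_LEN];
        new SecureRandom().nextBytes(salt);
        return HexFormat.of().formatHex(concat(salt, digest(rawPassword, salt)));
    }
    public boolean matches(CharSequence rawPassword, String encoded) throws Exception {
        byte[] stored = HexFormat.of().parseHex(encoded);
        if (stored.length <= SALT_LEN) return false; // malformed or truncated record
        byte[] salt = Arrays.copyOfRange(stored, 0, SALT_LEN);
        byte[] expected = Arrays.copyOfRange(stored, SALT_LEN, stored.length);
        // MessageDigest.isEqual is a constant-time comparison (no early exit on mismatch).
        return MessageDigest.isEqual(expected, digest(rawPassword, salt));
    }
    // SHA-256 over salt || secret || password, re-hashing the result for 1024 rounds in total.
    private byte[] digest(CharSequence rawPassword, byte[] salt) throws Exception {
        MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
        byte[] value = concat(salt, concat(secret, rawPassword.toString().getBytes(StandardCharsets.UTF_8)));
        for (int i = 0; i < ITERATIONS; i++) value = sha256.digest(value);
        return value;
    }
    private static byte[] concat(byte[] a, byte[] b) {
        byte[] out = Arrays.copyOf(a, a.length + b.length);
        System.arraycopy(b, 0, out, a.length, b.length);
        return out;
    }

    public static void main(String[] args) throws Exception {
        SaltedSha256Sketch enc = new SaltedSha256Sketch("constructed-secret"); // constructed sample values
        String h1 = enc.encode("correct horse"), h2 = enc.encode("correct horse");
        System.out.println("fresh salt per hash: " + !h1.equals(h2) + ", length " + h1.length());
        System.out.println("right password: " + enc.matches("correct horse", h1));
        System.out.println("wrong secret: " + new SaltedSha256Sketch("other").matches("correct horse", h1));
    }
}
```

In this sketch a record is 80 hex characters (8 salt bytes plus a 32-byte digest), and verification fails when the encoder is constructed with a different secret even if the password is correct.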
| Constructor and Description |
|---|
| StandardPasswordEncoder(): Constructs a standard password encoder with no additional secret value. |
| StandardPasswordEncoder(CharSequence secret): Constructs a standard password encoder with a secret value which is also included in the password hash. |
| Modifier and Type | Method and Description |
|---|---|
| String | encode(CharSequence rawPassword): Encode the raw password. |
| boolean | matches(CharSequence rawPassword, String encodedPassword): Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded. |
public StandardPasswordEncoder()

public StandardPasswordEncoder(CharSequence secret)
Parameters:
secret - the secret key used in the encoding process (should not be shared)

public String encode(CharSequence rawPassword)
Description copied from interface: PasswordEncoder
Specified by:
encode in interface PasswordEncoder

public boolean matches(CharSequence rawPassword, String encodedPassword)
Description copied from interface: PasswordEncoder
Specified by:
matches in interface PasswordEncoder
Parameters:
rawPassword - the raw password to encode and match
encodedPassword - the encoded password from storage to compare with