AuthenticationInfo instances should be able to return stored salt
-----------------------------------------------------------------
Key: SHIRO-176
URL: https://issues.apache.org/jira/browse/SHIRO-176
Project: Shiro
Issue Type: Improvement
Affects Versions: 0.9-RC1, 0.9, 1.0.0, 1.0.1
Reporter: Les Hazlewood
Fix For: 1.1.0
When comparing credentials hashed with a salt, the salt value should be easily
accessible from the AuthenticationInfo instance. Perhaps a new
SaltedAuthenticationInfo interface should be introduced (and have the
UsernamePasswordToken implement this interface) in order to easily acquire a
salt.
Currently the HashedCredentialsMatcher attempts to acquire the salt from the
AuthenticationToken. However, the large majority of the time, the salt will be
stored with the AuthenticationInfo and it should be possible to acquire it from
that.
After adding the new interface, the HashedCredentialsMatcher will need a new
method: getStoredCredentials(token, authcInfo) or something similar. The
default implementation can simply call the existing getCredentials(token)
method by default to retain current behavior.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
