PasswordUtil (OMERO API)

java.lang.Object
- ome.security.auth.PasswordUtil

```
public class PasswordUtil
extends Object
```
Static methods for dealing with password hashes and the "password" table. Used primarily by AdminImpl

Since:

3.0-Beta1

Author:

Josh Moore, josh.moore at gmx.de

See Also:

SecuritySystem, AdminImpl

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class PasswordUtil.METHOD

Nested Classes
Modifier and Type	Class and Description
`static class`	`PasswordUtil.METHOD`

Field Summary

Fields
Modifier and Type Field and Description

static String DEFAULT_ENCODING
The default encoding for converting plain text passwords to byte arrays (UTF-8)

Fields
Modifier and Type	Field and Description
`static String`	`DEFAULT_ENCODING` The default encoding for converting plain text passwords to byte arrays (UTF-8)

Constructor Summary

Constructors
Constructor and Description
`PasswordUtil(SqlAction sql)`
`PasswordUtil(SqlAction sql, boolean passwordRequired)`
`PasswordUtil(SqlAction sql, boolean passwordRequired, Charset encoding)`
`PasswordUtil(SqlAction sql, Charset encoding)`
`PasswordUtil(SqlAction sql, Roles roles, boolean passwordRequired)`
`PasswordUtil(SqlAction sql, Roles roles, boolean passwordRequired, Charset encoding)`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`changeUserPasswordById(Long id, String password)` Calls `changeUserPasswordById(Long, String, METHOD)` with "false" as the value of the salt argument in order to provide backwards compatibility.
`void`	`changeUserPasswordById(Long id, String password, PasswordUtil.METHOD meth)` Calls either `preparePassword(String)` or `prepareSaltedPassword(Long, String)` and passes the resulting value to `SqlAction.setUserPassword(Long, String)`.
`String`	`generateRandomPasswd()`
`boolean`	`getDnById(Long id)`
`String`	`getUserPasswordHash(Long id)`
`boolean`	`isPasswordRequired(Long id)` Returns a boolean based on the supplied user ID and system property setting.
`static void`	`main(String[] args)` Main method which takes exactly one argument, passes it to `preparePassword(String)` and prints the results on `System.out`.
`protected String`	`passwordDigest(Long userId, String clearText, boolean salt)`
`String`	`passwordDigest(String clearText)` Creates an MD5 hash of the given clear text and base64 encodes it.
`protected String`	`preparePassword(Long userId, String newPassword, boolean salt)`
`String`	`preparePassword(String newPassword)`
`String`	`prepareSaltedPassword(Long userId, String newPassword)`
`String`	`saltedPasswordDigest(Long userId, String clearText)` Creates an MD5 hash of the given clear text and base64 encodes it.
`List<String>`	`userGroups(String name)`
`Long`	`userId(String name)` Get the user's ID
`String`	`userName(long id)` Get the user's name

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- DEFAULT_ENCODING
```
public static final String DEFAULT_ENCODING
```
  The default encoding for converting plain text passwords to byte arrays (UTF-8)
  
  See Also:
  
  Constant Field Values

Constructor Detail

PasswordUtil
```
public PasswordUtil(SqlAction sql)
```

PasswordUtil

public PasswordUtil(SqlAction sql,
                    boolean passwordRequired)

PasswordUtil

public PasswordUtil(SqlAction sql,
                    Charset encoding)

PasswordUtil

public PasswordUtil(SqlAction sql,
                    boolean passwordRequired,
                    Charset encoding)

PasswordUtil

public PasswordUtil(SqlAction sql,
                    Roles roles,
                    boolean passwordRequired)

PasswordUtil

public PasswordUtil(SqlAction sql,
                    Roles roles,
                    boolean passwordRequired,
                    Charset encoding)

Method Detail
- main
```
public static void main(String[] args)
```
  Main method which takes exactly one argument, passes it to preparePassword(String) and prints the results on System.out. This is used by the build system to define the "@ROOTPASS@" placeholder in data.sql.
  
  Parameters:
  
  args - the command-line arguments
- generateRandomPasswd
```
public String generateRandomPasswd()
```
- getDnById
```
public boolean getDnById(Long id)
```
- changeUserPasswordById
```
public void changeUserPasswordById(Long id,
                                   String password)
```
  Calls changeUserPasswordById(Long, String, METHOD) with "false" as the value of the salt argument in order to provide backwards compatibility.
  
  Parameters:
  
  id - the user ID
  
  password - the password
- changeUserPasswordById
```
public void changeUserPasswordById(Long id,
                                   String password,
                                   PasswordUtil.METHOD meth)
```
  Calls either preparePassword(String) or prepareSaltedPassword(Long, String) and passes the resulting value to SqlAction.setUserPassword(Long, String). An InternalException is thrown if the modification is not successful, which should only occur if the user has been deleted.
  
  Parameters:
  
  id - the user ID
  
  password - the password
  
  meth - how to encode the password
- getUserPasswordHash
```
public String getUserPasswordHash(Long id)
```
- userId
```
public Long userId(String name)
```
  Get the user's ID
  
  Parameters:
  
  name - the user's name
  
  Returns:
  
  their ID, or null if they cannot be found
- userName
```
public String userName(long id)
```
  Get the user's name
  
  Parameters:
  
  id - the user's ID
  
  Returns:
  
  their name, or null if they cannot be found
- userGroups
```
public List<String> userGroups(String name)
```
- preparePassword
```
public String preparePassword(String newPassword)
```
- prepareSaltedPassword
```
public String prepareSaltedPassword(Long userId,
                                    String newPassword)
```
- preparePassword
```
protected String preparePassword(Long userId,
                                 String newPassword,
                                 boolean salt)
```
- passwordDigest
```
public String passwordDigest(String clearText)
```
  Creates an MD5 hash of the given clear text and base64 encodes it.
  
  Parameters:
  
  clearText - the cleartext of the password
  
  Returns:
  
  the password hash
- saltedPasswordDigest
```
public String saltedPasswordDigest(Long userId,
                                   String clearText)
```
  Creates an MD5 hash of the given clear text and base64 encodes it. If the provided userId argument is not null, then it will be used as a salt value for the password.
  
  Parameters:
  
  userId - the user's ID, may be null
  
  clearText - the cleartext of the password
  
  Returns:
  
  the password hash
- passwordDigest
```
protected String passwordDigest(Long userId,
                                String clearText,
                                boolean salt)
```
- isPasswordRequired
```
public boolean isPasswordRequired(Long id)
```
  Returns a boolean based on the supplied user ID and system property setting. If password requirement is switched off or the user is a guest user, then this returns false. In all other cases this returns true.
  
  Parameters:
  
  id - The user ID.
  
  Returns:
  
  boolean true or false

Class PasswordUtil

Nested Class Summary

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

DEFAULT_ENCODING

Constructor Detail

PasswordUtil

PasswordUtil

PasswordUtil

PasswordUtil

PasswordUtil

PasswordUtil

Method Detail

main

generateRandomPasswd

getDnById

changeUserPasswordById

changeUserPasswordById

getUserPasswordHash

userId

userName

userGroups

preparePassword

prepareSaltedPassword

preparePassword

passwordDigest

saltedPasswordDigest

passwordDigest

isPasswordRequired