Acegi Security System for Spring

Clover coverage report - Acegi Security System for Spring - 1.0.0-RC1

Coverage timestamp: Mon Dec 5 2005 09:05:15 EST

FRAMES NO FRAMES

file stats:	LOC:	98		Methods:	5
	NCLOC:	25		Classes:	1

Source file

Conditionals

Statements

Methods

TOTAL

PlaintextPasswordEncoder.java

100%

100%

1		/* Copyright 2004 Acegi Technology Pty Limited
2		*
3		* Licensed under the Apache License, Version 2.0 (the "License");
4		* you may not use this file except in compliance with the License.
5		* You may obtain a copy of the License at
6		*
7		* http://www.apache.org/licenses/LICENSE-2.0
8		*
9		* Unless required by applicable law or agreed to in writing, software
10		* distributed under the License is distributed on an "AS IS" BASIS,
11		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		* See the License for the specific language governing permissions and
13		* limitations under the License.
14		*/
15
16		package org.acegisecurity.providers.encoding;
17
18		/**
19		* <p>
20		* Plaintext implementation of PasswordEncoder.
21		* </p>
22		*
23		* <P>
24		* As callers may wish to extract the password and salts separately from the
25		* encoded password, the salt must not contain reserved characters
26		* (specifically '{' and '}').
27		* </p>
28		*
29		* @author colin sampaleanu
30		* @author Ben Alex
31		* @version $Id: PlaintextPasswordEncoder.java,v 1.4 2005/11/17 00:55:49 benalex Exp $
32		*/
33		public class PlaintextPasswordEncoder extends BasePasswordEncoder {
34		//~ Instance fields ========================================================
35
36		private boolean ignorePasswordCase = false;
37
38		//~ Methods ================================================================
39
40		/**
41		* Indicates whether the password comparison is case sensitive.
42		*
43		* <P>
44		* Defaults to <code>false</code>, meaning an exact case match is required.
45		* </p>
46		*
47		* @param ignorePasswordCase set to <code>true</code> for less stringent
48		* comparison
49		*/
50	1	public void setIgnorePasswordCase(boolean ignorePasswordCase) {
51	1	this.ignorePasswordCase = ignorePasswordCase;
52		}
53
54	1	public boolean isIgnorePasswordCase() {
55	1	return ignorePasswordCase;
56		}
57
58	24	public boolean isPasswordValid(String encPass, String rawPass, Object salt) {
59	24	String pass1 = encPass + "";
60
61		// Strict delimiters is false because pass2 never persisted anywhere
62		// and we want to avoid unnecessary exceptions as a result (the
63		// authentication will fail as the encodePassword never allows them)
64	24	String pass2 = mergePasswordAndSalt(rawPass, salt, false);
65
66	24	if (!ignorePasswordCase) {
67	22	return pass1.equals(pass2);
68		} else {
69	2	return pass1.equalsIgnoreCase(pass2);
70		}
71		}
72
73	4	public String encodePassword(String rawPass, Object salt) {
74	4	return mergePasswordAndSalt(rawPass, salt, true);
75		}
76
77		/**
78		* Demerges the previously {@link #encodePassword(String,
79		* Object)}<code>String</code>.
80		*
81		* <P>
82		* The resulting array is guaranteed to always contain two elements. The
83		* first is the password, and the second is the salt.
84		* </p>
85		*
86		* <P>
87		* Throws an exception if <code>null</code> or an empty <code>String</code>
88		* is passed to the method.
89		* </p>
90		*
91		* @param password from {@link #encodePassword(String, Object)}
92		*
93		* @return an array containing the password and salt
94		*/
95	1	public String[] obtainPasswordAndSalt(String password) {
96	1	return demergePasswordAndSalt(password);
97		}
98		}