View Javadoc

1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.shiro.authc;
20  
21  import org.apache.shiro.util.ByteSource;
22  
23  /**
24   * Interface representing account information that may use a salt when hashing credentials.  This interface
25   * exists primarily to support environments that hash user credentials (e.g. passwords).
26   * <p/>
27   * Salts should typically be generated from a secure pseudo-random number generator so they are effectively
28   * impossible to guess.  The salt value should be safely stored along side the account information to ensure
29   * it is maintained along with the account's credentials.
30   * <p/>
31   * This interface exists as a way for Shiro to acquire that salt so it can correctly perform
32   * {@link org.apache.shiro.authc.credential.CredentialsMatcher credentials matching} during login attempts.
33   * See the {@link org.apache.shiro.authc.credential.HashedCredentialsMatcher HashedCredentialsMatcher} JavaDoc for
34   * more information on hashing credentials with salts.
35   *
36   * @see org.apache.shiro.authc.credential.HashedCredentialsMatcher
37   *
38   * @since 1.1
39   */
40  public interface SaltedAuthenticationInfo extends AuthenticationInfo {
41  
42      /**
43       * Returns the salt used to salt the account's credentials or {@code null} if no salt was used.
44       *
45       * @return the salt used to salt the account's credentials or {@code null} if no salt was used.
46       */
47      ByteSource getCredentialsSalt();
48  }