Skip to content
This repository has been archived by the owner on Nov 3, 2017. It is now read-only.

Configuring ShiroHashServicePasswordEncoder

Jump to bottom
apetro edited this page Dec 12, 2012 · 10 revisions

Since version 1.0.2 of cas-addons, there is an implementation of CAS' PasswordEncoder interface which exhibits stronger cryptography properties by offering the opportunity to configure salt for hashing, a number of hashing iterations as well as one of the following MessageDigest hashing algorithms:

  • MD2
  • MD5
  • SHA-1
  • SHA-256
  • SHA-384
  • SHA-512

This implemetatation delegates to Apache Shiro's HashService API. If there are no options provided at this encoder's bean configuration time, the default values from DefaultHashService are used.

Configure with default values

<bean id="passwordEncoder" class="net.unicon.cas.addons.authentication.handler.ShiroHashServicePasswordEncoder" 
      init-method="init"/>

Configure with all the exposed configuration values

<bean id="passwordEncoder" class="net.unicon.cas.addons.authentication.handler.ShiroHashServicePasswordEncoder" 
      init-method="init"
      p:digestAlgorithmName="SHA-1"
      p:salt="Fe7(CN)18"
      p:hashIterations="100"/>
Clone this wiki locally