All Superinterfaces:: AuthenticationInfo, Serializable

All Known Implementing Classes:: SimpleAccount, SimpleAuthenticationInfo

public interface SaltedAuthenticationInfo extends AuthenticationInfo

Interface representing account information that may use a salt when hashing credentials. This interface exists primarily to support environments that hash user credentials (e.g. passwords).

Salts should typically be generated from a secure pseudo-random number generator so they are effectively impossible to guess. The salt value should be safely stored along side the account information to ensure it is maintained along with the account's credentials.

This interface exists as a way for Shiro to acquire that salt so it can correctly perform credentials matching during login attempts. See the HashedCredentialsMatcher JavaDoc for more information on hashing credentials with salts.

Since:

1.1

See Also:

Method Summary

Modifier and Type

Method

Description

org.apache.shiro.lang.util.ByteSource

getCredentialsSalt()

Returns the salt used to salt the account's credentials or null if no salt was used.

Methods inherited from interface org.apache.shiro.authc.AuthenticationInfo
getCredentials, getPrincipals

Method Details
- getCredentialsSalt
  
  org.apache.shiro.lang.util.ByteSource getCredentialsSalt()
  
  Returns the salt used to salt the account's credentials or null if no salt was used.
  
  Returns:
  
  the salt used to salt the account's credentials or null if no salt was used.

Interface SaltedAuthenticationInfo

Method Summary

Methods inherited from interface org.apache.shiro.authc.AuthenticationInfo

Method Details

getCredentialsSalt