Example usage for org.apache.shiro.crypto.hash.format Shiro1CryptFormat format

List of usage examples for org.apache.shiro.crypto.hash.format Shiro1CryptFormat format

Introduction

In this page you can find the example usage for org.apache.shiro.crypto.hash.format Shiro1CryptFormat format.

Prototype

public String format(Hash hash) 

Source Link

Usage

From source file:annis.service.internal.AdminServiceImpl.java

License:Apache License

@POST
@Path("users/{userName}/password")
@Consumes("text/plain")
@Produces("application/xml")
public Response changePassword(String newPassword, @PathParam("userName") String userName) {
    Subject requestingUser = SecurityUtils.getSubject();
    requestingUser.checkPermission("admin:write:user");

    ANNISUserConfigurationManager confManager = getConfManager();
    ANNISUserRealm userRealm = getUserRealm();
    if (confManager != null && userRealm != null) {
        User user = confManager.getUser(userName);
        if (user == null) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }/* w ww  . ja  v a 2s.  c om*/

        Shiro1CryptFormat format = new Shiro1CryptFormat();

        SecureRandomNumberGenerator generator = new SecureRandomNumberGenerator();
        ByteSource salt = generator.nextBytes(128 / 8); // 128 bit

        Sha256Hash hash = new Sha256Hash(newPassword, salt, 1);
        user.setPasswordHash(format.format(hash));

        if (userRealm.updateUser(user)) {
            return Response.ok().entity(user).build();
        }
    }

    return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Could not change password").build();
}