List of usage examples for org.apache.shiro.crypto RandomNumberGenerator nextBytes
ByteSource nextBytes();
From source file:com.app.util.UserUtil.java
License:Open Source License
public static String generateUnsubscribeToken(String customerId) { RandomNumberGenerator rng = new SecureRandomNumberGenerator(); Object salt = rng.nextBytes(); return new Sha512Hash(customerId, salt, 1024).toBase64(); }
From source file:com.app.util.UserUtil.java
License:Open Source License
public static String updatePasswordResetToken(int userId) throws DatabaseConnectionException, SQLException { RandomNumberGenerator rng = new SecureRandomNumberGenerator(); Object randomBytes = rng.nextBytes(); String passwordResetToken = randomBytes.toString(); _userDAO.updatePasswordResetToken(userId, passwordResetToken); return passwordResetToken; }
From source file:com.app.util.UserUtil.java
License:Open Source License
private static List<String> _generatePasswordAndSalt(String plainTextPassword) { RandomNumberGenerator rng = new SecureRandomNumberGenerator(); Object salt = rng.nextBytes(); String hashedPasswordBase64 = new Sha512Hash(plainTextPassword, salt, 1024).toBase64(); List<String> passwordAndSalt = new ArrayList<>(); passwordAndSalt.add(hashedPasswordBase64); passwordAndSalt.add(salt.toString()); return passwordAndSalt; }
From source file:com.atsamour.habitatweave.controller.RegisterServlet.java
License:Open Source License
private void generatePassword(User user, String plainTextPassword) { RandomNumberGenerator rng = new SecureRandomNumberGenerator(); Object salt = rng.nextBytes(); // Now hash the plain-text password with the random salt and multiple // iterations and then Base64-encode the value (requires less space than Hex): String hashedPasswordBase64 = new Sha256Hash(plainTextPassword, salt, 1024).toBase64(); user.setPassword(hashedPasswordBase64); user.setSalt(salt.toString());/*from w w w. j a va2s .c o m*/ }
From source file:com.mycompany.shirofaces.SHA256.java
public static void main(String args[]) { RandomNumberGenerator rng = new SecureRandomNumberGenerator(); Object salt = rng.nextBytes(); String hashedPasswordBase64 = new Sha256Hash("juancho18", salt, 1024).toBase64(); Sha256Hash sha256Hash = new Sha256Hash("juancho18"); System.out.println("Clave sin salt: " + sha256Hash.toHex()); System.out.println("Clave con salt : " + hashedPasswordBase64); DefaultHashService hashService = new DefaultHashService(); hashService.setHashIterations(50000); // 500000 hashService.setHashAlgorithmName(Sha256Hash.ALGORITHM_NAME); hashService.setPrivateSalt(new SimpleByteSource("jumarome")); hashService.setGeneratePublicSalt(true); DefaultPasswordService passwordService = new DefaultPasswordService(); passwordService.setHashService(hashService); String salte = hashService.getPrivateSalt().toBase64(); String claveMaldita = passwordService.encryptPassword("unaep"); System.out.println("Miraaa: " + claveMaldita); System.out.println("private salt= " + salte); }
From source file:com.openqc.facades.UserFacade.java
/** * Attention: Username = Email //w w w .jav a 2 s . c o m * @todo : changer ce comportement! * @param email * @param username * @param password * @return */ @Override public User register(String email, String username, String password) { User user = new User(); RandomNumberGenerator rng = new SecureRandomNumberGenerator(); Object salt = rng.nextBytes(); String hashedPasswordBase64 = new Sha256Hash(password, salt, 1024).toBase64(); user.setPassword(hashedPasswordBase64); user.setSalt(salt.toString()); user.setEmail(username); user.setUsername(username); em.persist(user); em.flush(); return user; }
From source file:com.streamreduce.util.SecurityUtil.java
License:Apache License
public static String issueRandomAPIToken() { // we need to see our tokens with a random value so the same one isn't generated // for the same user each time. RandomNumberGenerator rng = new SecureRandomNumberGenerator(); Object randomNumber = rng.nextBytes(); // we also use a user agent as a validation factor // so when we later validate the token, we also validate the user agent String secret = generateRandomString(); String salt = secret.concat(randomNumber.toString()); return new Sha256Hash(secret, salt, 1024).toBase64(); }
From source file:com.wegas.core.security.ejb.UserFacade.java
License:MIT License
/** * * @param email//from w w w. j av a 2s. com */ public void sendNewPassword(String email) { try { JpaAccount acc = (JpaAccount) accountFacade.findByEmail(email); EMailFacade emailFacade = new EMailFacade(); RandomNumberGenerator rng = new SecureRandomNumberGenerator(); String newPassword = rng.nextBytes().toHex().substring(0, 12); String subject = "Wegas account"; String body = "A new password for your wegas account has been successfully created: " + newPassword; String from = "noreply@" + Helper.getWegasProperty("mail.default_domain"); if (acc != null) { emailFacade.send(acc.getEmail(), from, null, subject, body, Message.RecipientType.TO, "text/plain"); acc.setPassword(newPassword); acc.setPasswordHex(null); //force JPA update } } catch (WegasNoResultException | MessagingException ex) { } }
From source file:com.wegas.core.security.jparealm.JpaAccount.java
License:MIT License
/** * *//*www .ja v a 2s. co m*/ @PrePersist public void prePersist() { RandomNumberGenerator rng = new SecureRandomNumberGenerator(); this.setSalt(rng.nextBytes().toHex()); if (this.password == null || this.password.isEmpty()) { this.password = rng.nextBytes().toString().substring(0, 7); } this.preUpdate(); }
From source file:controllers.UserApp.java
License:Apache License
private static User createNewUser(User user) { RandomNumberGenerator rng = new SecureRandomNumberGenerator(); user.passwordSalt = rng.nextBytes().toBase64(); user.password = hashedPassword(user.password, user.passwordSalt); User.create(user);//from w w w. j ava 2 s . c o m if (isUseSignUpConfirm()) { user.changeState(UserState.LOCKED); } else { user.changeState(UserState.ACTIVE); } Email.deleteOtherInvalidEmails(user.email); return user; }