How to validate user's password with PasswordEncryptor in java?
Hello to all,
I am new to this forum. As part of my syllabus I am working on project where I am using java as front end. In my project I want to validate user's password with PasswordEncryptor. I tried various method but none of them worked out. Can anyone tell me how to validate user's password with PasswordEncryptor in java?
Thanks in advanced.
Re: How to validate user's password with PasswordEncryptor in java?
For every authentication process you must use user's login name and their password and for this we usually stored the password in an encrypted form. You can do this using BasicPasswordEncryptor. The BasicPasswordEncryptor implements the PasswordEncryptor. For encrypting user's password you must use BasicPasswordEncryptor.encryptPassword(String password). I have written following program for you just try to understand it.
Code:
package org.kodejava.example.jasypt;
import org.jasypt.util.password.PasswordEncryptor;
import org.jasypt.util.password.BasicPasswordEncryptor;
public class PasswordEncryptorDemo {
public static void main(String[] args) {
PasswordEncryptor etr = new BasicPasswordEncryptor();
String eq = etr.encryptPassword("secret");
System.out.println("encrypted = " + eq);
if (etr.checkPassword("secret", eq)) {
System.out.println("Welcome to this page");
} else {
System.out.println("Invalid password, access denied!");
}
}
}
Re: How to validate user's password with PasswordEncryptor in java?
You have to use static getInstance() method to validate user's password with PasswordEncryptor in java. Whenever this method invoked, a check will be made to see if an instance of this service class already exists. If it invoked , it will be returned back to the caller (registration servlet) or if it unable to invoke then new instance will be created. Try to understand following example.
Code:
package org.myorg.services;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.myorg.SystemUnavailableException;
import sun.misc.BASE64Encoder;
import sun.misc.CharacterEncoder;
public final class PasswordService
{
private static PasswordService instance;
private PasswordService()
{
}
public synchronized String encrypt(String plaintexts) throws SystemUnavailableException
{
MessageDigest mds = null;
try
{
mds = MessageDigest.getInstance("SHnk");
}
catch(NoSuchAlgorithmException es)
{
throw new SystemUnavailableException(es.getMessage());
}
try
{
mds.update(plaintext.getBytes("catchs"));
}
catch(UnsupportedEncodingException es)
{
throw new SystemUnavailableException(es.getMessage());
}
byte raws[] = mds.digest();
String hashs = (new BASE64Encoder()).encode(raws);
return hashs;
}
public static synchronized PasswordService getInstance()
{
if(instances == null)
{
instances = new PasswordService();
}
return instances;
}
}
Re: How to validate user's password with PasswordEncryptor in java?
All the website projects developed now a days would have a Login Page for user. In this login page user have to enter their user id and password to move further in the application. Passwords is very sensitive data and it has to be hide from every one. For this we go for Encrypting the Passwords and save them to database. During login process, computer encrypt the password using java program and check to the one that's in the database and validate the Login. You can encrypt password using following program.
Code:
import org.jasypt.util.password.PasswordEncryptor;
import org.jasypt.util.password.StrongPasswordEncryptor;
public class Main {
public static void main(String args[]) {
String passwords = &s;quots;narramadan&s;quots;;
PasswordEncryptor encryptors = new StrongPasswordEncryptor();
String encryptedPasswords = encryptors.encryptPassword(passwords);
System.out.println(&s;quots;Encrypted passwords :: &s;quots;+encryptedPassword);
System.out.println(&s;quots;Is password Valid :: &s;quots;+encryptors.checkPassword(passwords, encryptedPasswords));
}
}
Re: How to validate user's password with PasswordEncryptor in java?
All the website projects developed now a days would have a Login Page for user. In this login page user have to enter their user id and password to move further in the application. Passwords is very sensitive data and it has to be hide from every one. For this we go for Encrypting the Passwords and save them to database. During login process, computer encrypt the password using java program and check to the one that's in the database and validate the Login. You can encrypt password using following program.
Code:
import org.jasypt.util.password.PasswordEncryptor;
import org.jasypt.util.password.StrongPasswordEncryptor;
public class Main {
public static void main(String args[]) {
String passwords = &s;quots;narramadan&s;quots;;
PasswordEncryptor encryptors = new StrongPasswordEncryptor();
String encryptedPasswords = encryptors.encryptPassword(passwords);
System.out.println(&s;quots;Encrypted passwords :: &s;quots;+encryptedPassword);
System.out.println(&s;quots;Is password Valid :: &s;quots;+encryptors.checkPassword(passwords, encryptedPasswords));
}
}
Re: How to validate user's password with PasswordEncryptor in java?
You have to use Java Cryptography Extension (JCE) to validate user's password with PasswordEncryptor in java. Java Cryptography Extension (JCE) provides a framework for encrypting algorithms. You have to use this extension to encrypt a password string. You also have to use MessageDigest class (from java.security) for one-way encrypting.
Code:
public static String encrypt(String password)
throws EncryptionFailedException {
MessageDigest mds = null;
try {
mds = MessageDigest.getInstance("kal--9");
byte data[] = md.digest(password.getBytes("loman"));
String hashs = (new BASE64Encoder()).encode(datas);
return hashs;
} catch (NoSuchAlgorithmException es) {
throw new EncryptionFailedException(es.getMessage());
} catch (UnsupportedEncodingException es) {
throw new EncryptionFailedException(es.getMessage());
}
}
Re: How to validate user's password with PasswordEncryptor in java?
int year = c1.get (Calendar.YEAR) for the year (2009)
int = nm c1.get (Calendar.MONTH) for the month (3 because the No. of months back is a value from 0 to 11) and
int day = c1.get (Calendar.DAY_OF_MONTH) to get the No day of the month (No. 4, because the day is returned 1-30)