1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, 13 * software distributed under the License is distributed on an 14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 * KIND, either express or implied. See the License for the 16 * specific language governing permissions and limitations 17 * under the License. 18 */ 19 package org.apache.shiro.authc.credential; 20 21 import org.apache.shiro.authc.AuthenticationInfo; 22 import org.apache.shiro.authc.AuthenticationToken; 23 24 25 /** 26 * Interface implemented by classes that can determine if an AuthenticationToken's provided 27 * credentials matches a corresponding account's credentials stored in the system. 28 * 29 * <p>Simple direct comparisons are handled well by the 30 * {@link SimpleCredentialsMatcher SimpleCredentialsMatcher}. If you 31 * hash user's credentials before storing them in a realm (a common practice), look at the 32 * {@link HashedCredentialsMatcher HashedCredentialsMatcher} implementations, 33 * as they support this scenario. 34 * 35 * @see SimpleCredentialsMatcher 36 * @see AllowAllCredentialsMatcher 37 * @see Md5CredentialsMatcher 38 * @see Sha1CredentialsMatcher 39 * @since 0.1 40 */ 41 public interface CredentialsMatcher { 42 43 /** 44 * Returns {@code true} if the provided token credentials match the stored account credentials, 45 * {@code false} otherwise. 46 * 47 * @param token the {@code AuthenticationToken} submitted during the authentication attempt 48 * @param info the {@code AuthenticationInfo} stored in the system. 49 * @return {@code true} if the provided token credentials match the stored account credentials, 50 * {@code false} otherwise. 51 */ 52 boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info); 53 54 }