Interface Pbkdf2PasswordStorageSchemeCfg
-
- All Superinterfaces:
Configuration
,PasswordStorageSchemeCfg
- All Known Subinterfaces:
Pbkdf2HmacSha256PasswordStorageSchemeCfg
,Pbkdf2HmacSha512PasswordStorageSchemeCfg
public interface Pbkdf2PasswordStorageSchemeCfg extends PasswordStorageSchemeCfg
A server-side interface for querying PBKDF2 Password Storage Scheme settings.The PBKDF2 Password Storage Scheme provides a mechanism for encoding user passwords using the PBKDF2 message digest algorithm. PBKDF2 is the shortname for PBKDF2-HMAC-SHA1.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
addPbkdf2ChangeListener(ConfigurationChangeListener<Pbkdf2PasswordStorageSchemeCfg> listener)
Register to be notified when this PBKDF2 Password Storage Scheme is changed.Class<? extends Pbkdf2PasswordStorageSchemeCfg>
configurationClass()
Gets the configuration class associated with this PBKDF2 Password Storage Scheme.String
getJavaClass()
Gets the "java-class" property.int
getPbkdf2Iterations()
Gets the "pbkdf2-iterations" property.Pbkdf2PasswordStorageSchemeCfgDefn.RehashPolicy
getRehashPolicy()
Gets the "rehash-policy" property.void
removePbkdf2ChangeListener(ConfigurationChangeListener<Pbkdf2PasswordStorageSchemeCfg> listener)
Deregister an existing PBKDF2 Password Storage Scheme configuration change listener.-
Methods inherited from interface org.forgerock.opendj.config.Configuration
dn, name
-
Methods inherited from interface org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg
addChangeListener, isEnabled, removeChangeListener
-
-
-
-
Method Detail
-
configurationClass
Class<? extends Pbkdf2PasswordStorageSchemeCfg> configurationClass()
Gets the configuration class associated with this PBKDF2 Password Storage Scheme.- Specified by:
configurationClass
in interfaceConfiguration
- Specified by:
configurationClass
in interfacePasswordStorageSchemeCfg
- Returns:
- Returns the configuration class associated with this PBKDF2 Password Storage Scheme.
-
addPbkdf2ChangeListener
void addPbkdf2ChangeListener(ConfigurationChangeListener<Pbkdf2PasswordStorageSchemeCfg> listener)
Register to be notified when this PBKDF2 Password Storage Scheme is changed.- Parameters:
listener
- The PBKDF2 Password Storage Scheme configuration change listener.
-
removePbkdf2ChangeListener
void removePbkdf2ChangeListener(ConfigurationChangeListener<Pbkdf2PasswordStorageSchemeCfg> listener)
Deregister an existing PBKDF2 Password Storage Scheme configuration change listener.- Parameters:
listener
- The PBKDF2 Password Storage Scheme configuration change listener.
-
getJavaClass
String getJavaClass()
Gets the "java-class" property.Specifies the fully-qualified name of the Java class that provides the PBKDF2 Password Storage Scheme implementation.
Default value:
org.opends.server.extensions.PBKDF2PasswordStorageScheme
- Specified by:
getJavaClass
in interfacePasswordStorageSchemeCfg
- Returns:
- Returns the value of the "java-class" property.
-
getPbkdf2Iterations
int getPbkdf2Iterations()
Gets the "pbkdf2-iterations" property.The number of algorithm iterations to make.
By default, changes to this setting impact only newly created and updated passwords. However, if the rehash-policy is set to always or only-increase, it causes the server to recalculate each user's password hash on their next authentication, and write the new hash to the user's entry on disk. Changing the number of iterations therefore leads to a short-term spike in CPU and disk use as the server updates each user's password when they next authenticate. Longer term, increasing this settings results in more secure passwords at the expense of longer response times and lower throughput.
Default value:
10000
- Returns:
- Returns the value of the "pbkdf2-iterations" property.
-
getRehashPolicy
Pbkdf2PasswordStorageSchemeCfgDefn.RehashPolicy getRehashPolicy()
Gets the "rehash-policy" property.Indicates whether the server should rehash passwords after the cost has been changed.
Passwords will be rehashed when a user successfully authenticates. Note that rehashing will increase the write load on the server.
Default value:
never
- Returns:
- Returns the value of the "rehash-policy" property.
-
-