Interface AbstractPasswordService

All Known Implementing Classes:
PasswordService

public interface AbstractPasswordService
Abstract password authentication service.

This abstract class defines the interface for password authentication.

It provides methods to verify a password, to update a password, and to throttle password verification attempts.

See Also:
  • Method Details

    • getBaseAuth

      AuthService getBaseAuth()
      Returns the basic authentication service.
    • isAttemptThrottlingEnabled

      boolean isAttemptThrottlingEnabled()
      Returns whether password attempt throttling is enabled.
    • getStrengthValidator

      Returns a validator which checks that a password is strong enough.
    • delayForNextAttempt

      int delayForNextAttempt(User user)
      Returns the delay for this user for a next authentication attempt.

      If password attempt throttling is enabled, then this returns the number of seconds this user must wait for a new authentication attempt, presumably because of a number of failed attempts.

      See Also:
    • verifyPassword

      PasswordResult verifyPassword(User user, String password)
      Verifies a password for a given user.

      The supplied password is verified against the user's credentials stored in the database. If password account throttling is enabled, it may also refuse an authentication attempt.

    • updatePassword

      void updatePassword(User user, String password)
      Sets a new password for the given user.

      This stores a new password for the user in the database.