JBoss.orgCommunity Documentation
API contains Credential and CredentialType interfaces. CredentialType defines type of credential object. Default implementation supports two types:
PASSWORD - text password represented by java.lang.String object
BINARY - binary credential represented by byte[]. For example some kind of certificate.
Two basic implementations are provided:
org.picketlink.idm.impl.api.BinaryCredential - Credential with BINARY CredentialType
org.picketlink.idm.impl.api.PasswordCredential - Credential with PASSWORD CredentialType
Because credentials values are stored as hash or in other encoded form both SPI and API only enables to update and validate credential value and not to read it from persistence store. API enables to only protect Identity objects with credentials. All related management operations are exposed in AttributesManager interface.
User anotherOne = session.getPersistenceManager().createUser("blah1");
session.getAttributesManager().updatePassword(anotherOne, "Password2000");
assertTrue(session.getAttributesManager().validatePassword(anotherOne, "Password2000"));
Credential password = new PasswordCredential("SuperPassword2345");
session.getAttributesManager().updateCredential(anotherOne, password);
assertTrue(session.getAttributesManager().validateCredentials(anotherOne, new Credential[]{password}));
// binary credential
byte[] cert = new byte[512000];
random.nextBytes(cert);
Credential binaryCredential = new BinaryCredential(cert);
session.getAttributesManager().updateCredential(anotherOne, binaryCredential);
assertTrue(session.getAttributesManager().validateCredentials(anotherOne, new Credential[]{binaryCredential}));