
Common Lib to Hash passwords which is compatible to Java EE/ CDI (e.g. payara, wildfly) and Spring Boot.

Primary LanguageJavaApache License 2.0Apache-2.0

Hash Lib CI CodeQL

Hash Lib Cli

Tool to create BCrypt and PBKDF2 hashes of passwords directly in the command line:

Create a password hash


java -jar hash-cli.jar mypassword
> $2a$10$m4hjjVjjGD36bgHlblJaweMDrGelSO1lx4osfpNi/7DN9ZvTzMqA6


java -jar hash-cli.jar -a PBKDF2WithHmacSHA512 -p mypassword
> PBKDF2WithHmacSHA512:2048:ilIYz4CirlKeZfa59Tu9Dlruc69zaAxGyDb0OOcpppM=:HMv6yD8WUKSM2XY6jHIuzz9ShXX1wj120Njb0TptJ6hBBWAFnOdx0xR1hvz9ICtp91sdBxRaMyU8LsYZCIuP9g==

Verify a password hash


java -jar hash-cli.jar -p foo -h "$2a$10$At1ZDrj3taopwLzeZ237KekybhWlF6quEd8bv9eAIWrTVzvtKyTEi"
> true


java -jar hash-cli.jar -a PBKDF2WithHmacSHA512 -p mypassword -h PBKDF2WithHmacSHA512:2048:ilIYz4CirlKeZfa59Tu9Dlruc69zaAxGyDb0OOcpppM=:HMv6yD8WUKSM2XY6jHIuzz9ShXX1wj120Njb0TptJ6hBBWAFnOdx0xR1hvz9ICtp91sdBxRaMyU8LsYZCIuP9g==
> true


Common lib which provides a common Hash algorithms for JEE and Spring Boot:

  • BCrypt
  • PBKDF2WithHmacSHA224
  • PBKDF2WithHmacSHA256
  • PBKDF2WithHmacSHA384
  • PBKDF2WithHmacSHA512


Support BCrypt and PBKDF2 password hash and verification. As so be compatible with existing JEE JDBC user stores and Spring Boot user stores.


import javax.annotation.security.DeclareRoles;
import javax.enterprise.context.ApplicationScoped;
import javax.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition;
import javax.security.enterprise.identitystore.DatabaseIdentityStoreDefinition;
import javax.ws.rs.ApplicationPath;
import javax.ws.rs.core.Application;
import org.sterl.jee.hash.BCryptAndPbkdf2PasswordHash;

@BasicAuthenticationMechanismDefinition(realmName = "jee-basic")
@DeclareRoles({ "admin", "user" }) // this authorities are allowed
    callerQuery = "select password from users where enabled = true AND username = ?",
    groupsQuery = "select authority from authorities where username = ?",
    dataSourceLookup = "jdbc/identity-store",
    hashAlgorithm = BCryptAndPbkdf2PasswordHash.class,
    hashAlgorithmParameters = {
public class ApplicationConfiguration extends Application {

Maven import JEE


Base Lib


How to release

  • mvn versions:set -DnewVersion=x.x.x-SNAPSHOT
  • mvn clean install -Prelease
  • mvn deploy