Iteration on password is added in JBoss Seam 2.1.2

I blogged about how you could hash your password using Seam 2.1.1 hash-user-password-in-seam-211-manually.

In the latest production release of JBoss Seam 2.1.2 and the @UserPassword annotation, an attribute of iteration is now added with a default of 1000.

We should then modify our GeneratePasswordHash method to the following:

/**
        * This method will generate a hash password
        *
        * @param password
        *            - The password in cleartext
        * @param salt
        *            - The username is used as salt
        * @return - hash password based on password and username
        */
       public static String generatePasswordHash(String password, String salt) throws GeneralSecurityException {
               char[] passToChar;
               byte[] saltToByte;
               String thePassword;
               try {
                       passToChar = password.toCharArray();
                       saltToByte = salt.getBytes();
                       AnnotatedBeanProperty<UserPassword> userPasswordProperty = new AnnotatedBeanProperty<UserPassword>(ProcessUser.class, UserPassword.class);
                       // Will get the hash value from annotation UserPassword in ProcessUser.class
                       PasswordHash.instance().setHashAlgorithm(userPasswordProperty.getAnnotation().hash().toUpperCase());
                       thePassword = PasswordHash.instance().createPasswordKey(passToChar, saltToByte, userPasswordProperty.getAnnotation().iterations());
                       return thePassword;
               } finally {
                       // Ensure that the password is not in memory
                       password = null;
                       passToChar = null;
                       salt = null;
                       saltToByte = null;
                       thePassword = null;
               }
       }

Review of Seam 2.x Web Development

So I have read the Seam 2.x Web Development
Build Robust Web Applications with Seam, Facelets, and RichFaces, using the JBoss Application Server

This book tries to cover a very very large aspect of Seam and friends.
The book has 11 chapters and almost 300 pages. If you are new Seam, this is a great kick start. Because the book covers a huge portion of the most important aspects of Seam, plus some advanced topics such as Remoting, however I feel that the chapters are too small and that they don't give a thourough and in depth explanation. Many of the examples can be found by googling a bit and reading the documentation of Seam, but this is why it is so good to have a book covering a very large portion of it.

The RichFaces chapter could have been improved alot. Around 30 pages is hardly enough to cover this very big framework. I believe you will get more out of downloading the live examples and looking at the source code and playing around with it instead.

So to sum up, this book is good for someone new to Seam, that want an overview of most of what Seam has to offer, however I would supplement with Seam in Action to cover more ground.