//use SHA-1 hashing in this test:
HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(Sha1Hash.ALGORITHM_NAME);
//simulate a user account with a SHA-1 hashed and salted password:
ByteSource salt = new SecureRandomNumberGenerator().nextBytes();
Object hashedPassword = new Sha1Hash("password", salt);
SimpleAuthenticationInfo account = new SimpleAuthenticationInfo("username", hashedPassword, salt, "realmName");
//simulate a username/password (plaintext) token created in response to a login attempt:
AuthenticationToken token = new UsernamePasswordToken("username", "password");