Package org.eclipse.jetty.util.security

Class Password

java.lang.Object

org.eclipse.jetty.util.security.Credential

org.eclipse.jetty.util.security.Password

All Implemented Interfaces:

Serializable

public class Password
extends Credential

Password utility class. This utility class gets a password or pass phrase either by:

 + Password is set as a system property.
 + The password is prompted for and read from standard input
 + A program is run to get the password.
 

Passwords that begin with OBF: are de obfuscated. Passwords can be obfuscated by run org.eclipse.util.Password as a main class. Obfuscated password are required if a system needs to recover the full password (eg. so that it may be passed to another system). They are not secure, but prevent casual observation.

Passwords that begin with CRYPT: are oneway encrypted with UnixCrypt. The real password cannot be retrieved, but comparisons can be made to other passwords. A Crypt can be generated by running org.eclipse.util.UnixCrypt as a main class, passing password and then the username. Checksum passwords are a secure(ish) way to store passwords that only need to be checked rather than recovered. Note that it is not strong security - specially if simple passwords are used.

See Also:

• Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from class org.eclipse.jetty.util.security.Credential

Credential.Crypt, Credential.MD5

Field Summary

Fields

Modifier and Type	Field	Description
static final String	__OBFUSCATE

Constructor Summary

Constructors

Constructor	Description
Password(String password)	Constructor.

Method Summary

Modifier and Type	Method	Description
boolean	check(Object credentials)	Check a credential
static String	deobfuscate(String s)
boolean	equals(Object o)
static Password	getPassword(String realm, String dft, String promptDft)	Get a password.
int	hashCode()
static void	main(String[] args)
static String	obfuscate(String s)
String	toStarString()
String	toString()

Methods inherited from class org.eclipse.jetty.util.security.Credential

byteEquals, getCredential, stringEquals

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Details

__OBFUSCATE

public static final String __OBFUSCATE

See Also:

• Constant Field Values

Constructor Details

Password

public Password(String password)

Constructor.

Parameters:

password - The String password.

Method Details

toString

public String toString()

Overrides:

toString in class Object

toStarString

public String toStarString()

check

public boolean check(Object credentials)

Description copied from class: Credential

Check a credential

Specified by:

check in class Credential

Parameters:

credentials - The credential to check against. This may either be another Credential object, a Password object or a String which is interpreted by this credential.

Returns:

True if the credentials indicated that the shared secret is known to both this Credential and the passed credential.

equals

public boolean equals(Object o)

Overrides:

equals in class Object

hashCode

public int hashCode()

Overrides:

hashCode in class Object

obfuscate

public static String obfuscate(String s)

deobfuscate

public static String deobfuscate(String s)

getPassword

public static Password getPassword(String realm,
 String dft,
 String promptDft)

Get a password. A password is obtained by trying

• Calling System.getProperty(realm,dft)
• Prompting for a password
• Using promptDft if nothing was entered.

Parameters:

realm - The realm name for the password, used as a SystemProperty name.

dft - The default password.

promptDft - The default to use if prompting for the password.

Returns:

Password

main

public static void main(String[] args)
                 throws IOException

Throws:

IOException