org.mortbay.jetty.security
Class Password
java.lang.Object
org.mortbay.jetty.security.Credential
org.mortbay.jetty.security.Password
- public class Password
- extends Credential
Password utility class.
This utility class gets a password or pass phrase either by:
+ Password is set as a system property.
+ The password is prompted for and read from standard input
+ A program is run to get the password.
Passwords that begin with OBF: are de obfuscated.
Passwords can be obfuscated by run org.mortbay.util.Password as a
main class. Obfuscated password are required if a system needs
to recover the full password (eg. so that it may be passed to another
system). They are not secure, but prevent casual observation.
Passwords that begin with CRYPT: are oneway encrypted with
UnixCrypt. The real password cannot be retrieved, but comparisons
can be made to other passwords. A Crypt can be generated by running
org.mortbay.util.UnixCrypt as a main class, passing password and
then the username. Checksum passwords are a secure(ish) way to
store passwords that only need to be checked rather
than recovered. Note that it is not strong security - specially if
simple passwords are used.
- Author:
- Greg Wilkins (gregw)
Password
public Password(String password)
- Constructor.
- Parameters:
password
- The String password.
toString
public String toString()
toStarString
public String toStarString()
check
public boolean check(Object credentials)
- Description copied from class:
Credential
- Check a credential
- Specified by:
check
in class Credential
- Parameters:
credentials
- The credential to check against. This may either be
another Credential object, a Password object or a String which is
interpreted by this credential.
- Returns:
- True if the credentials indicated that the shared secret is
known to both this Credential and the passed credential.
equals
public boolean equals(Object o)
hashCode
public int hashCode()
obfuscate
public static String obfuscate(String s)
deobfuscate
public static String deobfuscate(String s)
getPassword
public static Password getPassword(String realm,
String dft,
String promptDft)
- Get a password.
A password is obtained by trying
- Calling
System.getProperty(realm,dft)
- Prompting for a password
- Using promptDft if nothing was entered.
- Parameters:
realm
- The realm name for the password, used as a SystemProperty name.dft
- The default password.promptDft
- The default to use if prompting for the password.
- Returns:
- Password
main
public static void main(String[] arg)
- Parameters:
arg
-