org.eclipse.jetty.http.security
Class Password

java.lang.Object
  extended by org.eclipse.jetty.http.security.Credential
      extended by org.eclipse.jetty.http.security.Password

public class Password
extends Credential

Password utility class. This utility class gets a password or pass phrase either by:

  + Password is set as a system property.
  + The password is prompted for and read from standard input
  + A program is run to get the password.
 
Passwords that begin with OBF: are de obfuscated. Passwords can be obfuscated by run org.eclipse.util.Password as a main class. Obfuscated password are required if a system needs to recover the full password (eg. so that it may be passed to another system). They are not secure, but prevent casual observation.

Passwords that begin with CRYPT: are oneway encrypted with UnixCrypt. The real password cannot be retrieved, but comparisons can be made to other passwords. A Crypt can be generated by running org.eclipse.util.UnixCrypt as a main class, passing password and then the username. Checksum passwords are a secure(ish) way to store passwords that only need to be checked rather than recovered. Note that it is not strong security - specially if simple passwords are used.


Nested Class Summary
 
Nested classes/interfaces inherited from class org.eclipse.jetty.http.security.Credential
Credential.Crypt, Credential.MD5
 
Field Summary
static String __OBFUSCATE
           
 
Constructor Summary
Password(String password)
          Constructor.
 
Method Summary
 boolean check(Object credentials)
          Check a credential
static String deobfuscate(String s)
           
 boolean equals(Object o)
           
static Password getPassword(String realm, String dft, String promptDft)
          Get a password.
 int hashCode()
           
static void main(String[] arg)
           
static String obfuscate(String s)
           
 String toStarString()
           
 String toString()
           
 
Methods inherited from class org.eclipse.jetty.http.security.Credential
getCredential
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

__OBFUSCATE

public static final String __OBFUSCATE
See Also:
Constant Field Values
Constructor Detail

Password

public Password(String password)
Constructor.

Parameters:
password - The String password.
Method Detail

toString

public String toString()
Overrides:
toString in class Object

toStarString

public String toStarString()

check

public boolean check(Object credentials)
Description copied from class: Credential
Check a credential

Specified by:
check in class Credential
Parameters:
credentials - The credential to check against. This may either be another Credential object, a Password object or a String which is interpreted by this credential.
Returns:
True if the credentials indicated that the shared secret is known to both this Credential and the passed credential.

equals

public boolean equals(Object o)
Overrides:
equals in class Object

hashCode

public int hashCode()
Overrides:
hashCode in class Object

obfuscate

public static String obfuscate(String s)

deobfuscate

public static String deobfuscate(String s)

getPassword

public static Password getPassword(String realm,
                                   String dft,
                                   String promptDft)
Get a password. A password is obtained by trying

Parameters:
realm - The realm name for the password, used as a SystemProperty name.
dft - The default password.
promptDft - The default to use if prompting for the password.
Returns:
Password

main

public static void main(String[] arg)
Parameters:
arg -


Copyright © 1995-2009 Mort Bay Consulting. All Rights Reserved.