org.mortbay.util

Class Password


public class Password
extends Credential

Password utility class. This utility class gets a password or pass phrase either by:
  + Password is set as a system property.
  + The password is prompted for and read from standard input
  + A program is run to get the password.
 
Passwords that begin with OBF: are de obfuscated. Passwords can be obfuscated by run org.mortbay.util.Password as a main class. Obfuscated password are required if a system needs to recover the full password (eg. so that it may be passed to another system). They are not secure, but prevent casual observation.

Passwords that begin with CRYPT: are oneway encrypted with UnixCrypt. The real password cannot be retrieved, but comparisons can be made to other passwords. A Crypt can be generated by running org.mortbay.util.UnixCrypt as a main class, passing password and then the username. Checksum passwords are a secure(ish) way to store passwords that only need to be checked rather than recovered. Note that it is not strong security - specially if simple passwords are used.

Version:
$Id: Password.java,v 1.13 2005/08/13 00:01:28 gregwilkins Exp $
Author:
Greg Wilkins (gregw)

Nested Class Summary

Nested classes/interfaces inherited from class org.mortbay.util.Credential

Credential.Crypt, Credential.MD5

Constructor Summary

Password(String password)
Constructor.

Method Summary

boolean
check(Object credentials)
Check a credential
static String
deobfuscate(String s)
boolean
equals(Object o)
static Password
getPassword(String realm, String dft, String promptDft)
Get a password.
int
hashCode()
static void
main(String[] arg)
static String
obfuscate(String s)
String
toStarString()
String
toString()

Methods inherited from class org.mortbay.util.Credential

check, getCredential

Constructor Details

Password

public Password(String password)
Constructor.
Parameters:
password - The String password.

Method Details

check

public boolean check(Object credentials)
Check a credential
Overrides:
check in interface Credential
Parameters:
credentials - The credential to check against. This may either be another Credential object, a Password object or a String which is interpreted by this credential.
Returns:
True if the credentials indicated that the shared secret is known to both this Credential and the passed credential.

deobfuscate

public static String deobfuscate(String s)

equals

public boolean equals(Object o)

getPassword

public static Password getPassword(String realm,
                                   String dft,
                                   String promptDft)
Get a password. A password is obtained by trying
  • Calling System.getProperty(realm,dft)
  • Prompting for a password
  • Using promptDft if nothing was entered.
Parameters:
realm - The realm name for the password, used as a SystemProperty name.
dft - The default password.
promptDft - The default to use if prompting for the password.
Returns:
Password

hashCode

public int hashCode()

main

public static void main(String[] arg)
Parameters:
arg -

obfuscate

public static String obfuscate(String s)

toStarString

public String toStarString()

toString

public String toString()

Copyright © 2004 Mortbay Consulting Pty. Ltd. All Rights Reserved.