org.mortbay.util
Class Password
java.lang.Object
|
+--org.mortbay.util.Password
- public class Password
- extends java.lang.Object
Password utility class.
This utility class gets a password or pass phrase either by:
+ Password is set as a system property.
+ The password is prompted for and read from standard input
+ A program is run to get the password.
Passwords that begin with EXEC: are interpreted as a command, whose
output is read.
Passwords that begin with OBF: are de obfuscated.
Passwords can be obfuscated by run org.mortbay.util.Password as a
main class. Obfuscated password are required if a system needs
to recover the full password (eg. so that it may be passed to another
system). They are not secure, but prevent casual observation.
Passwords that begin with CHK: are password checksums. The real
password cannot be retrieved, but comparisons can be made to other
passwords. A password checksum can be generated by running
org.mortbay.util.Password as a main class. Checksum passwords are
a secure way to stor passwords that only need to be checked rather
than recovered.
Passwords that begin with CRYPT: are oneway encrypted with
UnixCrypt. The real password cannot be retrieved, but comparisons
can be made to other passwords. A Crype can be generated by running
org.mortbay.util.UnixCrypt as a main class, passing password and
then the username. Checksum passwords are a secure(ish) way to
store passwords that only need to be checked rather
than recovered. Note that it is not strong security - specially if
simple passwords are used.
- Version:
- $Id: Password.java,v 1.1 2001/09/02 01:13:08 gregwilkins Exp $
- Author:
- Greg Wilkins (gregw)
Constructor Summary |
Password()
|
Password(java.lang.String realm)
Constructor. |
Password(java.lang.String realm,
java.lang.String passwd)
Constructor. |
Password(java.lang.String realm,
java.lang.String dft,
java.lang.String promptDft)
Constructor. |
Method Summary |
boolean |
check(java.lang.String passwd)
|
static java.lang.String |
checksum(java.lang.String s)
|
static java.lang.String |
crypt(java.lang.String user,
java.lang.String pw)
|
static java.lang.String |
deobfuscate(java.lang.String s)
|
boolean |
equals(java.lang.Object o)
|
char[] |
getCharArray()
|
java.lang.String |
getChecksum()
|
static void |
main(java.lang.String[] arg)
|
static java.lang.String |
obfuscate(java.lang.String s)
|
java.lang.String |
toStarString()
|
java.lang.String |
toString()
|
void |
zero()
Zero the password. |
Methods inherited from class java.lang.Object |
getClass, hashCode, notify, notifyAll, wait, wait, wait |
Password
public Password()
Password
public Password(java.lang.String realm)
- Constructor.
- Parameters:
realm
-
Password
public Password(java.lang.String realm,
java.lang.String passwd)
- Constructor.
- Parameters:
realm
-
Password
public Password(java.lang.String realm,
java.lang.String dft,
java.lang.String promptDft)
- Constructor.
Attempts to get the password from a system property using
the realm name as a property key. If no password is found,
the default is used. If the default is not set then stdin
is prompted for the password. Then if no password is
entered, the promptDft is used.
- Parameters:
realm
- The realm namedft
- Default password, if none set in the realmpromptDft
- Default password, if prompt fails
toString
public java.lang.String toString()
- Overrides:
toString
in class java.lang.Object
toStarString
public java.lang.String toStarString()
getCharArray
public char[] getCharArray()
getChecksum
public java.lang.String getChecksum()
check
public boolean check(java.lang.String passwd)
equals
public boolean equals(java.lang.Object o)
- Overrides:
equals
in class java.lang.Object
zero
public void zero()
- Zero the password.
The checksum is not effected, so comparisons may be made on
zeroed passwords.
obfuscate
public static java.lang.String obfuscate(java.lang.String s)
deobfuscate
public static java.lang.String deobfuscate(java.lang.String s)
checksum
public static java.lang.String checksum(java.lang.String s)
crypt
public static java.lang.String crypt(java.lang.String user,
java.lang.String pw)
main
public static void main(java.lang.String[] arg)
- Parameters:
arg
-
Copyright © 2000 Mortbay Consulting Pty. Ltd. All Rights Reserved.