org.mortbay.util
Class Password

java.lang.Object
  |
  +--org.mortbay.util.Password

public class Password
extends java.lang.Object

Password utility class. This utility class gets a password or pass phrase either by:

  + Password is set as a system property.
  + The password is prompted for and read from standard input
  + A program is run to get the password.
 
Passwords that begin with EXEC: are interpreted as a command, whose output is read.

Passwords that begin with OBF: are de obfuscated. Passwords can be obfuscated by run org.mortbay.util.Password as a main class. Obfuscated password are required if a system needs to recover the full password (eg. so that it may be passed to another system). They are not secure, but prevent casual observation.

Passwords that begin with CHK: are password checksums. The real password cannot be retrieved, but comparisons can be made to other passwords. A password checksum can be generated by running org.mortbay.util.Password as a main class. Checksum passwords are a secure way to stor passwords that only need to be checked rather than recovered. Passwords that begin with CRYPT: are oneway encrypted with UnixCrypt. The real password cannot be retrieved, but comparisons can be made to other passwords. A Crype can be generated by running org.mortbay.util.UnixCrypt as a main class, passing password and then the username. Checksum passwords are a secure(ish) way to store passwords that only need to be checked rather than recovered. Note that it is not strong security - specially if simple passwords are used.

Version:
$Id: Password.java,v 1.1 2001/09/02 01:13:08 gregwilkins Exp $
Author:
Greg Wilkins (gregw)

Constructor Summary
Password()
           
Password(java.lang.String realm)
          Constructor.
Password(java.lang.String realm, java.lang.String passwd)
          Constructor.
Password(java.lang.String realm, java.lang.String dft, java.lang.String promptDft)
          Constructor.
 
Method Summary
 boolean check(java.lang.String passwd)
           
static java.lang.String checksum(java.lang.String s)
           
static java.lang.String crypt(java.lang.String user, java.lang.String pw)
           
static java.lang.String deobfuscate(java.lang.String s)
           
 boolean equals(java.lang.Object o)
           
 char[] getCharArray()
           
 java.lang.String getChecksum()
           
static void main(java.lang.String[] arg)
           
static java.lang.String obfuscate(java.lang.String s)
           
 java.lang.String toStarString()
           
 java.lang.String toString()
           
 void zero()
          Zero the password.
 
Methods inherited from class java.lang.Object
getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

Password

public Password()

Password

public Password(java.lang.String realm)
Constructor.
Parameters:
realm -  

Password

public Password(java.lang.String realm,
                java.lang.String passwd)
Constructor.
Parameters:
realm -  

Password

public Password(java.lang.String realm,
                java.lang.String dft,
                java.lang.String promptDft)
Constructor. Attempts to get the password from a system property using the realm name as a property key. If no password is found, the default is used. If the default is not set then stdin is prompted for the password. Then if no password is entered, the promptDft is used.
Parameters:
realm - The realm name
dft - Default password, if none set in the realm
promptDft - Default password, if prompt fails
Method Detail

toString

public java.lang.String toString()
Overrides:
toString in class java.lang.Object

toStarString

public java.lang.String toStarString()

getCharArray

public char[] getCharArray()

getChecksum

public java.lang.String getChecksum()

check

public boolean check(java.lang.String passwd)

equals

public boolean equals(java.lang.Object o)
Overrides:
equals in class java.lang.Object

zero

public void zero()
Zero the password. The checksum is not effected, so comparisons may be made on zeroed passwords.

obfuscate

public static java.lang.String obfuscate(java.lang.String s)

deobfuscate

public static java.lang.String deobfuscate(java.lang.String s)

checksum

public static java.lang.String checksum(java.lang.String s)

crypt

public static java.lang.String crypt(java.lang.String user,
                                     java.lang.String pw)

main

public static void main(java.lang.String[] arg)
Parameters:
arg -  


Copyright © 2000 Mortbay Consulting Pty. Ltd. All Rights Reserved.