org.eclipse.jetty.util.security
public abstract class Credential extends java.lang.Object implements java.io.Serializable
Often a Credential is related to a Password via a one way algorithm, so while a Password itself is a Credential, a UnixCrypt or MD5 digest of a a password is only a credential that can be checked against the password.
This class includes an implementation for unix Crypt an MD5 digest.
Password
,
Serialized FormModifier and Type | Class and Description |
---|---|
static class |
Credential.Crypt
Unix Crypt Credentials
|
static class |
Credential.MD5
MD5 Credentials
|
Constructor and Description |
---|
Credential() |
Modifier and Type | Method and Description |
---|---|
protected static boolean |
byteEquals(byte[] b1,
byte[] b2)
Utility method that replaces Arrays.equals() to avoid timing attacks.
|
abstract boolean |
check(java.lang.Object credentials)
Check a credential
|
static Credential |
getCredential(java.lang.String credential)
Get a credential from a String.
|
protected static boolean |
stringEquals(java.lang.String s1,
java.lang.String s2)
Utility method that replaces String.equals() to avoid timing attacks.
|
public abstract boolean check(java.lang.Object credentials)
credentials
- The credential to check against. This may either be
another Credential object, a Password object or a String
which is interpreted by this credential.public static Credential getCredential(java.lang.String credential)
credential
- String representation of the credentialprotected static boolean stringEquals(java.lang.String s1, java.lang.String s2)
Utility method that replaces String.equals() to avoid timing attacks.
s1
- the first string to compares2
- the second string to compareprotected static boolean byteEquals(byte[] b1, byte[] b2)
Utility method that replaces Arrays.equals() to avoid timing attacks.
b1
- the first byte array to compareb2
- the second byte array to compareCopyright © 2017. All Rights Reserved.