Examples of org.eclipse.jetty.util.security.Password

• org.eclipse.jetty.util.security.Password
  Password utility class. This utility class gets a password or pass phrase either by:

   + Password is set as a system property. + The password is prompted for and read from standard input + A program is run to get the password. 

  Passwords that begin with OBF: are de obfuscated. Passwords can be obfuscated by run org.eclipse.util.Password as a main class. Obfuscated password are required if a system needs to recover the full password (eg. so that it may be passed to another system). They are not secure, but prevent casual observation.

  Passwords that begin with CRYPT: are oneway encrypted with UnixCrypt. The real password cannot be retrieved, but comparisons can be made to other passwords. A Crypt can be generated by running org.eclipse.util.UnixCrypt as a main class, passing password and then the username. Checksum passwords are a secure(ish) way to store passwords that only need to be checked rather than recovered. Note that it is not strong security - specially if simple passwords are used.

            if (isJSecurityCheck(uri))
            {
                final String username = request.getParameter(__J_USERNAME);
                final String password = request.getParameter(__J_PASSWORD);

                boolean success = tryLogin(messageInfo, clientSubject, response, session, username, new Password(password));
                if (success)
                {
                    // Redirect to original request
                    String nuri=null;
                    synchronized(session)

        credentials = credentials.substring(credentials.indexOf(' ')+1);
        credentials = B64Code.decode(credentials, StandardCharsets.ISO_8859_1);
        int i = credentials.indexOf(':');
        String userName = credentials.substring(0,i);
        String password = credentials.substring(i+1);
        return login(clientSubject, userName, new Password(password), authMethod, messageInfo);
    }

    final Server server = new Server(port);
    @SuppressWarnings("ConstantConditions")
    String webDir = EventHubHandler.class.getClassLoader().getResource("frontend").toExternalForm();
    HashLoginService loginService = new HashLoginService();
    loginService.putUser(properties.getProperty("eventhubhandler.username"),
        new Password(properties.getProperty("eventhubhandler.password")), new String[]{"user"});

    server.addBean(loginService);

    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
    Constraint constraint = new Constraint();

    securityHandler.setConstraintMappings(new ConstraintMapping[]{cm});
    HashLoginService hashLoginService = new HashLoginService("Test Server");
    securityHandler.setLoginService(hashLoginService);
    webappContext.setSecurityHandler(securityHandler);

    hashLoginService.putUser("admin", new Password("admin"), new String[]{"users"});

    server.start();

    // ping nexus to wake up
    startNx();

                            {
                                while (rs2.next())
                                    roles.add(rs2.getString(_roleTableRoleField));
                            }
                        }
                        return putUser(userName,new Password(credentials), roles.toArray(new String[roles.size()]));
                    }
                }
            }
        }
        catch (NamingException e)