Credential (Jetty :: Utilities 9.3.20.v20170531 API)

java.lang.Object
- org.eclipse.jetty.util.security.Credential

All Implemented Interfaces:

Serializable

Direct Known Subclasses:

Credential.Crypt, Credential.MD5, Password
```
public abstract class Credential
extends Object
implements Serializable
```
Credentials. The Credential class represents an abstract mechanism for checking authentication credentials. A credential instance either represents a secret, or some data that could only be derived from knowing the secret.
Often a Credential is related to a Password via a one way algorithm, so while a Password itself is a Credential, a UnixCrypt or MD5 digest of a a password is only a credential that can be checked against the password.
This class includes an implementation for unix Crypt an MD5 digest.

See Also:

Password, Serialized Form

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class Credential.Crypt
Unix Crypt Credentials

static class Credential.MD5
MD5 Credentials

Nested Classes
Modifier and Type	Class and Description
`static class`	`Credential.Crypt` Unix Crypt Credentials
`static class`	`Credential.MD5` MD5 Credentials

Constructor Summary

Constructors
Constructor and Description

Credential()

Constructors
Constructor and Description
`Credential()`

Method Summary

All Methods Static Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method and Description
`protected static boolean`	`byteEquals(byte[] b1, byte[] b2)` Utility method that replaces Arrays.equals() to avoid timing attacks.
`abstract boolean`	`check(Object credentials)` Check a credential
`static Credential`	`getCredential(String credential)` Get a credential from a String.
`protected static boolean`	`stringEquals(String s1, String s2)` Utility method that replaces String.equals() to avoid timing attacks.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - Credential
```
public Credential()
```
- Method Detail
  - check
```
public abstract boolean check(Object credentials)
```
    Check a credential
    
    Parameters:
    
    credentials - The credential to check against. This may either be another Credential object, a Password object or a String which is interpreted by this credential.
    
    Returns:
    
    True if the credentials indicated that the shared secret is known to both this Credential and the passed credential.
  - getCredential
```
public static Credential getCredential(String credential)
```
    Get a credential from a String. If the credential String starts with a known Credential type (eg "CRYPT:" or "MD5:" ) then a Credential of that type is returned. Else the credential is assumed to be a Password.
    
    Parameters:
    
    credential - String representation of the credential
    
    Returns:
    
    A Credential or Password instance.
  - stringEquals
```
protected static boolean stringEquals(String s1,
                                      String s2)
```
    Utility method that replaces String.equals() to avoid timing attacks.
    
    Parameters:
    
    s1 - the first string to compare
    
    s2 - the second string to compare
    
    Returns:
    
    whether the two strings are equal
  - byteEquals
```
protected static boolean byteEquals(byte[] b1,
                                    byte[] b2)
```
    Utility method that replaces Arrays.equals() to avoid timing attacks.
    
    Parameters:
    
    b1 - the first byte array to compare
    
    b2 - the second byte array to compare
    
    Returns:
    
    whether the two byte arrays are equal

Class Credential

Nested Class Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

Credential

Method Detail

check

getCredential

stringEquals

byteEquals