001package co.codewizards.cloudstore.rest.server.auth; 002 003import java.io.Serializable; 004import java.util.Arrays; 005 006/** 007 * Authentication information (username + password). Can be obtained in every 008 * REST service by sub-classing {@code AbstractService} and using 009 * {@code AbstractService.getAuth()} or {@code AbstractService.authenticate(String)}. 010 * 011 * @author Marco หงุ่ยตระกูล-Schulze - marco at nightlabs dot de 012 */ 013public class Auth 014implements Serializable 015{ 016 private static final long serialVersionUID = 1L; 017 018 private String userName; 019 020 private char[] password; 021 022 /** 023 * Create an empty instance. 024 */ 025 public Auth() { } 026 027 /** 028 * Create an instance with the given values. 029 * @param userName the user-name (might be <code>null</code>). 030 * @param password the password (might be <code>null</code>). 031 */ 032 public Auth(String userName, char[] password) 033 { 034 this.userName = userName; 035 this.password = password; 036 } 037 038 /** 039 * Get the user-name. 040 * @return the user-name or <code>null</code>. 041 */ 042 public String getUserName() { 043 return userName; 044 } 045 046 /** 047 * Set the user-name. 048 * @param userName the user-name or <code>null</code>. 049 */ 050 public void setUserName(String userName) { 051 this.userName = userName; 052 } 053 054 /** 055 * <p> 056 * Get the password. 057 * </p> 058 * <p> 059 * <b>Warning: the char-array returned by this method might be modified later</b> (overwritten with 0), e.g. if 060 * {@link #clear()} is called! If you want to use this char-array elsewhere, you must clone it immediately! 061 * </p> 062 063 * @return the password or <code>null</code>. 064 */ 065 public char[] getPassword() { 066 return password; 067 } 068 069 /** 070 * <p> 071 * Set the password. 072 * </p> 073 * <p> 074 * <b>Warning: the char-array passed to this method is modified</b> (overwritten with 0), if 075 * {@link #clear()} is called! If you want to use this char-array elsewhere, you must pass 076 * a clone here! 077 * </p> 078 * @param password the password or <code>null</code>. 079 */ 080 public void setPassword(char[] password) 081 { 082 this.password = password; 083 } 084 085 /** 086 * Clear the sensitive data from this <code>Auth</code> instance. If the <code>password</code> 087 * is not <code>null</code>, it is overwritten with 0. This method is called by the 088 * {@link #finalize()} method of this class! 089 */ 090 public void clear() 091 { 092 if (password != null) 093 Arrays.fill(password, (char)0); 094 095 password = null; 096 } 097 098 @Override 099 protected void finalize() throws Throwable { 100 clear(); 101 } 102}