getPassword()?


DevX Home    Today's Headlines   Articles Archive   Tip Bank   Forums   

Results 1 to 4 of 4

Thread: getPassword()?

Hybrid View

  1. #1
    Join Date
    Jan 2005
    Posts
    61

    getPassword()?

    I'm having a bit of a problem trying to check if a given password is present in an array of password strings:

    for(int a=0; a<passwords.length; a++)
    if(passwords[a].equals(tfPassword.getPassword())) {

    System.out.println("pass match ok");
    }

    The same code (using int i instead of int a) is working fine for checking the username, so I'm wondering if this is because the getPassword() method returns a char instead of a string. If that's the case, I've got a problem casting the char to a string, but this must be something that's done all the time, so any answers would be greatly appreciated

    <edit> Yup, must be what I thought, because it works if you take the echo character out and set the password field as a standard textfield. Still grateful for any solutions
    Last edited by will808; 03-14-2005 at 03:06 PM.

  2. #2
    Join Date
    Nov 2004
    Location
    Norway
    Posts
    1,560
    maybe if you make a new String using the char array constructor.
    eschew obfuscation

  3. #3
    Join Date
    Jan 2005
    Location
    Reisterstowwn, MD
    Posts
    72
    The reason getPassword() does not return a String is because it stays in the virtual machine until the garbage collector deletes it. This is a potential security risk. You can cast it or convert it to a String if security doesn't matter. Here is some quick code i came up with to keep it as a char array:

    Code:
    public void keyPressed(KeyEvent e) {
    		
    		if(e.getKeyChar()==KeyEvent.VK_ENTER){
    			char[] pw = new String("password").toCharArray();
    			char[] entered = pf.getPassword();
    			if(pw.length == entered.length){
    				for(int i=0; i<pw.length; i++)
    					if(pw[i] != entered[i])
    						return;
    				//this area is only executed if they are the same
    				System.out.println("Correct");
    			}
    		}
    	}
    You can forget the KeyEvent stuff, I just left it in there to show i was testing it if the user hits eneter in the password field. I also use only one password with the value "password." I store this in it's own char array. Notice though i created a new String too, so this string will be stored in the VM, probably a better idea if i did:

    char[] pw = {'p','a','s','s','w','o','r','d'};

    But If your application is not looking for total securiity i guess it doesn't matter. Anways you then first check to see if they are both the same length, if they are then check each individual char to each other. If it ever encounters one that doesnt match then return out of the function (in your case you might just break out of the look with a break statement).

    Anyways, I have never used a JPasswordField before (until just playing with it now) and there may be a better way to do all this. However, this did work for me, so its a solution for now .
    Java has 99 problems but a pointer ain't one

  4. #4
    Join Date
    Jan 2005
    Posts
    61
    Got you - that's great, many thanks. I realised that getText() still works for JPassword, even though it's deprecated. I thought about being lazy, but now I'm bored so I think I'll do it properly

    Thanks again.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center
 
 
FAQ
Latest Articles
Java
.NET
XML
Database
Enterprise
Questions? Contact us.
C++
Web Development
Wireless
Latest Tips
Open Source


   Development Centers

   -- Android Development Center
   -- Cloud Development Project Center
   -- HTML5 Development Center
   -- Windows Mobile Development Center