Skip to main content

Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.

Jump to: navigation, search

Difference between revisions of "Jetty/Tutorial/Passwords"

m (Corrected package name from org.eclipse.jetty.http.security.Password to org.eclipse.jetty.util.security.Password as relevant in Jetty 7 (tested on 7.6.5))
Line 8: Line 8:
  
 
<source lang="bash">
 
<source lang="bash">
java -cp lib/jetty-http-xxx.jar:lib/jetty-util-xxx.jar org.eclipse.jetty.http.security.Password
+
java -cp lib/jetty-http-xxx.jar:lib/jetty-util-xxx.jar org.eclipse.jetty.util.security.Password
Usage - java org.eclipse.jetty.http.security.Password [<user>] <password>
+
Usage - java org.eclipse.jetty.util.security.Password [<user>] <password>
 
</source>
 
</source>
  
Line 17: Line 17:
  
 
<source lang="bash">
 
<source lang="bash">
java -cp lib/jetty-xxx.jar:lib/jetty-util-xxx.jar org.eclipse.jetty.http.security.Password me blah
+
java -cp lib/jetty-xxx.jar:lib/jetty-util-xxx.jar org.eclipse.jetty.util.security.Password me blah
 
blah
 
blah
 
OBF:20771x1b206z
 
OBF:20771x1b206z

Revision as of 12:32, 21 August 2012

There are many places where you might want to use and store a password, for example for the SSL connectors and user passwords in realms.

Passwords can be stored in clear text, obfuscated, checksummed or encrypted in order of increasing security.

The class org.eclipse.jetty.http.security.Password can be used to generate all varieties of passwords.

Run it without arguments to see usage instructions:

java -cp lib/jetty-http-xxx.jar:lib/jetty-util-xxx.jar org.eclipse.jetty.util.security.Password
Usage - java org.eclipse.jetty.util.security.Password [<user>] <password>

where -xxx.jar signifies the version of jetty that you have installed.

For example, to generate a secured version of the password "blah" for the user "me", do:

java -cp lib/jetty-xxx.jar:lib/jetty-util-xxx.jar  org.eclipse.jetty.util.security.Password me blah
blah
OBF:20771x1b206z
MD5:639bae9ac6b3e1a84cebb7b403297b79
CRYPT:me/ks90E221EY

Now you can cut and paste whichever secure version you choose into your configuration file or java code.

For example, the last line below shows you how you would cut and paste the encrypted password generated above into the properties file for a LoginService:

admin: CRYPT:ad1ks..kc.1Ug,server-administrator,content-administrator,admin
other: OBF:1xmk1w261u9r1w1c1xmq
guest: guest,read-only
me:CRYPT:me/ks90E221EY
Important.png
Important!
Don't forget to also copy the OBF:, MD5: or CRYPT: prefix on the generated password. It will not be usable by Jetty without it.

Back to the top