Reputation: 516
getText() vs getPassword()
I'm currently designing a login system for a make-believe company, right now all I have is the Main login, which needs a lot of cleaning up. Below is my login handler.
private class LoginButtonHandler implements ActionListener {
public void actionPerformed(ActionEvent e) {
if(_uid.getText().equalsIgnoreCase("Nathan") && _pwd.getText().equals("password")) {
JOptionPane.showMessageDialog(null, "Congratulations on logging in!");
} else {
JOptionPane.showMessageDialog(null, "Error on login!");
}
}
}
As is, this works perfectly fine, but when I change it to
_pwd.getPassword.equals("password")
it directs straight to the else statement when everything is input correctly. What is wrong here? Full program below.
import javax.swing.*;
import java.awt.*;
import java.awt.event.*;
public class Main extends JFrame {
private static final int HEIGHT = 90;
private static final int WIDTH = 400;
JTextField _uid = new JTextField(10);
JPasswordField _pwd = new JPasswordField(10);
JButton _login = new JButton("Login");
JButton _reset = new JButton("Reset");
public Main() {
super("Login - Durptech");
Container pane = getContentPane();
setLayout(new FlowLayout());
add(new JLabel("User ID:"));
add(_uid);
add(new JLabel("Password:"));
add(_pwd);
add(_login);
_login.addActionListener(new LoginButtonHandler());
add(_reset);
_reset.addActionListener(new ResetButtonHandler());
/*if(_uid.getText().equals("") && _pwd.getText().equals("")) {
_login.setEnabled(false);
} else {
_login.setEnabled(true);
}*/
setSize(WIDTH, HEIGHT);
setResizable(false);
setLocation(500, 300);
setDefaultCloseOperation(EXIT_ON_CLOSE);
setVisible(true);
}
private class ResetButtonHandler implements ActionListener {
public void actionPerformed(ActionEvent e) {
_uid.setText("");
_pwd.setText("");
_uid.requestFocusInWindow();
}
}
private class LoginButtonHandler implements ActionListener {
public void actionPerformed(ActionEvent e) {
if(_uid.getText().equalsIgnoreCase("Nathan") && _pwd.getText().equals("password")) {
JOptionPane.showMessageDialog(null, "Congratulations on logging in!");
} else {
JOptionPane.showMessageDialog(null, "Error on login!");
}
}
}
public static void main(String[] args) {
new Main();
}
}
Upvotes: 4
Views: 40332
Answers (4)
Reputation:
As all the other answers have said, JPasswordField returns a char[] when you call the getPassword() method. However, the way I have it set in my sample log on form is I have a method for validating the input. I have two arrays for storing usernames[] and passwords[] and then I have my username input, and my password input. The password input in my method changes the char[] to a string before continuing, you can do so like this:
String PasswordTyped = new String(_pwd.getPassword());
Then take that string and place that in your 'if' statement:
if (_uid.equals("Nathan") && PasswordTyped.equals("password") {
JOptionPane.showMessageDialog(null, "Congrats, you logged in as Nathan");
}
However, as I mentioned my validation method runs on the two arrays of usernames[] and passwords[], while accepting a string and a char[] as input. I will copy and paste my method so you can implicate it if you would like:
public static void validate(String u, Char[] pass) {
String password = new String(pass);
boolean uGood = false;
String[] usernames = new String[2];
String[] passwords = new String[usernames.length];
usernames[0] = "Don";
passwords[0] = "password";
usernames[1] = "Jared";
passwords[1] = "password";
for (int i = 0; i < usernames.length; i++) {
if (usernames[i].equals(u) && passwords[i].equals(password)) {
uGood = true;
}
}
if (uGood) {
System.out.println("Hooray, you did it!");
}
else {
JOptionPane.showMessageDialog(null, "Incorrect Username\nand/or Password.");
}
}
Finally, you would call this validation method by typing:
validate(_uid.getText(), _pwd.getPassword());
Upvotes: 2
Reputation: 310980
password.getPassword() returns a char[], and char[]'s aren't equal to Strings. So you need to compare it to a char[]:
if (Arrays.equals(password.getPassword(), new char[]{'p','a','s','s','w','o','r','d'}))
Upvotes: 6
Reputation: 285405
You will want to get to know the API well, to make it your best friend. The key to solving this is to see what JPasswordField#getPassword() returns. Hint 1: it's not a String. Hint 2: you may want to solve this using the java.util.Arrays class methods.
The reason getPassword doesn't return a String is because of the way Java handles Strings -- it can store them in the String pool, allowing Strings to hang out in the program longer than you'd expect, and making the Strings potentially retrievable by malware -- something you don't want to have happen to a password. It's much safer to work with char arrays.
Incidentally, don't use JPasswords deprecated getText() method or change a char array to a String using the new String(char[]) constructor since as these both return a String, they are not secure.
Upvotes: 13
Reputation: 2991
JPasswordField.getPassword() returns a char [] instead of a String. This is done for the sake of security. You should compare the characters inside the array instead of seeing if the char [] .equals(a String);
Upvotes: 11
Related Questions
- Why getText() in JPasswordField was deprecated?
- Hide/Show Password in a JTextFIeld (Java Swing)
- Why does JPasswordField.getPassword() create a String with the password in it?
- JFormattedTextField and getValue vs. getText
- How to access to the value inside a Swing JTextField/JPasswordField?
- Working with JPasswordField and its getText/getPassword method
- What are the security reasons for JPasswordField.getPassword()?
- JPasswordField how to set password
- Java - Questions About JTextField and JPasswordField
- Is there an alternative to JPasswordField?