JPasswordField returning some hash code converted

2019-07-17 04:33发布

站内问答 / Java
1915 3 5

My program takes user name and password authentication from user before initialising the program, so i created a button login to which i associated ActionListener as show below 

   login.addActionListener(new ActionListener(){
            public void actionPerformed(ActionEvent event){
                if(txtUserName.getText().equals("Suraj") && (txtPwd.getPassword().toString()).equals("s123")){

                                dispose();
                                TimeFrame tFrame = new TimeFrame(userName);
                                tFrame.setVisible(true);
                                tFrame.setDefaultCloseOperation(JFrame.DO_NOTHING_ON_CLOSE);
                                tFrame.setLayout(new GridLayout());

                        } else {
                            JOptionPane.showMessageDialog(null,"User name or password don't match","Acces Denied", JOptionPane.ERROR_MESSAGE);
                        }

Now the problem that occurs is even if i enter correct password, program displays an error mesenter image description heresage

3条回答
The star\"
2楼-- · 2019-07-17 05:20

getPassword() returns a char[]. The toString() on it does not return the contents as a string as you assume.

Try new String(txtPwd.getPassword()).equals("s123").

However, there is a reason it is a char[] and not a String. Try looking up the security aspect of it in the javadoc.

查看更多
0人赞 添加讨论(0) 举报
家丑人穷心不美
3楼-- · 2019-07-17 05:20

I had the same problem:

private void loginActionPerformed(java.awt.event.ActionEvent evt) {

    char[] pass = passwordField.getPassword();
    String mypass = pass.toString();
    String user = (String) combo.getSelectedItem();


    try {
        String driver = "sun.jdbc.odbc.JdbcOdbcDriver";
        Class.forName(driver);

        String db = "jdbc:odbc:LoginDB";
        con = DriverManager.getConnection(db);
        st = con.createStatement();
        String sql = "select * from Table2";
        rs = st.executeQuery(sql);

        while (rs.next()) {

            String AdminNewID = rs.getString("AdminID");
            String AdminNewPass = rs.getString("AdminPassword");

            if ((user.equals(AdminNewID)) && pass.equals(AdminNewPass)) {

                MyApp form = new MyApp();
                form.setVisible(true);

            } else {
                this.res.setText(" Incorrect User Name or Password");
            }
        }
    } catch (Exception ex) {
    }
}
查看更多
0人赞 添加讨论(0) 举报
一夜七次
4楼-- · 2019-07-17 05:28

Note: this should have been a comment but is way too long for this. Consider giving the upvotes to the answers in the linked thread

As already indicated by mKorbel there is a rather complete discussion in getText() vs getPassword() .

Further, read the Swing tutorial about JPasswordField which contains a nice example on how you should compare the password (by comparing char arrays, and not by converting the char array to a String) - small copy paste from the tutorial:

private static boolean isPasswordCorrect(char[] input) {
    boolean isCorrect = true;
    char[] correctPassword = { 'b', 'u', 'g', 'a', 'b', 'o', 'o' };

    if (input.length != correctPassword.length) {
        isCorrect = false;
    } else {
        isCorrect = Arrays.equals (input, correctPassword);
    }

    //Zero out the password.
    Arrays.fill(correctPassword,'0');

    return isCorrect;
}

The reason why you should compare char arrays is nicely explained by Hovercraft Full Of Eels in his answer in the linked SO question at the start of this answer.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)