getText() vs getPassword()

2019-01-11 21:11发布

I'm currently designing a login system for a make-believe company, right now all I have is the Main login, which needs a lot of cleaning up. Below is my login handler.

private class LoginButtonHandler implements ActionListener {
    public void actionPerformed(ActionEvent e) {
        if(_uid.getText().equalsIgnoreCase("Nathan") && _pwd.getText().equals("password")) {
            JOptionPane.showMessageDialog(null, "Congratulations on logging in!");
        } else {
          JOptionPane.showMessageDialog(null, "Error on login!");
        }
    }
}

As is, this works perfectly fine, but when I change it to

_pwd.getPassword.equals("password")

it directs straight to the else statement when everything is input correctly. What is wrong here? Full program below.

import javax.swing.*;
import java.awt.*;
import java.awt.event.*;

public class Main extends JFrame {
    private static final int HEIGHT = 90;
    private static final int WIDTH = 400;

    JTextField _uid = new JTextField(10);
    JPasswordField _pwd = new JPasswordField(10);
    JButton _login = new JButton("Login");
    JButton _reset = new JButton("Reset");

    public Main() {
       super("Login - Durptech");
        Container pane = getContentPane();
        setLayout(new FlowLayout());

        add(new JLabel("User ID:"));
            add(_uid);
        add(new JLabel("Password:"));
            add(_pwd);

            add(_login);
                _login.addActionListener(new LoginButtonHandler());
            add(_reset);
                _reset.addActionListener(new ResetButtonHandler());

        /*if(_uid.getText().equals("") && _pwd.getText().equals("")) {
            _login.setEnabled(false);
        } else {
            _login.setEnabled(true);
        }*/

       setSize(WIDTH, HEIGHT);
       setResizable(false);
       setLocation(500, 300);
       setDefaultCloseOperation(EXIT_ON_CLOSE);
       setVisible(true);
    }

    private class ResetButtonHandler implements ActionListener {
        public void actionPerformed(ActionEvent e) {
            _uid.setText("");
            _pwd.setText("");
            _uid.requestFocusInWindow();
        }
    }

    private class LoginButtonHandler implements ActionListener {
        public void actionPerformed(ActionEvent e) {
            if(_uid.getText().equalsIgnoreCase("Nathan") && _pwd.getText().equals("password")) {
                JOptionPane.showMessageDialog(null, "Congratulations on logging in!");
            } else {
              JOptionPane.showMessageDialog(null, "Error on login!");
            }
        }
    }

    public static void main(String[] args) {
        new Main();
    }
}

4条回答
在下西门庆
2楼-- · 2019-01-11 21:53

As all the other answers have said, JPasswordField returns a char[] when you call the getPassword() method. However, the way I have it set in my sample log on form is I have a method for validating the input. I have two arrays for storing usernames[] and passwords[] and then I have my username input, and my password input. The password input in my method changes the char[] to a string before continuing, you can do so like this:

 String PasswordTyped = new String(_pwd.getPassword());

Then take that string and place that in your 'if' statement:

 if (_uid.equals("Nathan") && PasswordTyped.equals("password") {
     JOptionPane.showMessageDialog(null, "Congrats, you logged in as Nathan");
 }

However, as I mentioned my validation method runs on the two arrays of usernames[] and passwords[], while accepting a string and a char[] as input. I will copy and paste my method so you can implicate it if you would like:

public static void validate(String u, Char[] pass) {
    String password = new String(pass);
    boolean uGood = false;
    String[] usernames = new String[2];
    String[] passwords = new String[usernames.length];

    usernames[0] = "Don";
    passwords[0] = "password";
    usernames[1] = "Jared";
    passwords[1] = "password";


    for (int i = 0; i < usernames.length; i++) {

        if (usernames[i].equals(u) && passwords[i].equals(password)) {
            uGood = true;
        }
    }
    if (uGood) {
        System.out.println("Hooray, you did it!");
    }
    else {
        JOptionPane.showMessageDialog(null, "Incorrect Username\nand/or Password.");
    }
}

Finally, you would call this validation method by typing:

validate(_uid.getText(), _pwd.getPassword());
查看更多
萌系小妹纸
3楼-- · 2019-01-11 22:01

JPasswordField.getPassword() returns a char [] instead of a String. This is done for the sake of security. You should compare the characters inside the array instead of seeing if the char [] .equals(a String);

查看更多
Fickle 薄情
4楼-- · 2019-01-11 22:02

password.getPassword() returns a char[], and char[]'s aren't equal to Strings. So you need to compare it to a char[]:

if (Arrays.equals(password.getPassword(), new char[]{'p','a','s','s','w','o','r','d'}))
查看更多
我欲成王,谁敢阻挡
5楼-- · 2019-01-11 22:03

You will want to get to know the API well, to make it your best friend. The key to solving this is to see what JPasswordField#getPassword() returns. Hint 1: it's not a String. Hint 2: you may want to solve this using the java.util.Arrays class methods.

The reason getPassword doesn't return a String is because of the way Java handles Strings -- it can store them in the String pool, allowing Strings to hang out in the program longer than you'd expect, and making the Strings potentially retrievable by malware -- something you don't want to have happen to a password. It's much safer to work with char arrays.

Incidentally, don't use JPasswords deprecated getText() method or change a char array to a String using the new String(char[]) constructor since as these both return a String, they are not secure.

查看更多
登录 后发表回答