All Downloads are FREE. Search and download functionalities are using the official Maven repository.

javax.security.enterprise.credential.AbstractClearableCredential Maven / Gradle / Ivy

Go to download

Jakarta Security defines a standard for creating secure Jakarta EE applications in modern application paradigms. It defines an overarching (end-user targeted) Security API for Jakarta EE Applications.

There is a newer version: 4.0.0
Show newest version
/*
 * Copyright (c) 2015, 2018 Oracle and/or its affiliates. All rights reserved.
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v. 2.0, which is available at
 * http://www.eclipse.org/legal/epl-2.0.
 *
 * This Source Code may also be made available under the following Secondary
 * Licenses when the conditions for such availability set forth in the
 * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
 * version 2 with the GNU Classpath Exception, which is available at
 * https://www.gnu.org/software/classpath/license.html.
 *
 * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
 */

package javax.security.enterprise.credential;

/**
 * AbstractClearableCredential contains behavior common to
 * {@link Credential} implementations that can be meaningfully
 * cleared.
 */
public abstract class AbstractClearableCredential implements Credential {

    private volatile boolean cleared = false;

    @Override
    public final boolean isCleared() {
        return cleared;
    }

    /**
     * Specifies that the credential value has been securely cleared.
     */
    protected final void setCleared() {
        this.cleared = true;
    }

    @Override
    public final void clear() {
        clearCredential();
        setCleared();
    }

    /**
     * Invokes the specific subclass to securely clear the credential value.
     * Some {@link Credential} subclasses contain credential values
     * which are inherently secure, such as tokens, for which clearing the
     * credential may not be necessary.
     * 

     * For example, if the credential includes a password,
     * this method would overwrite the password value.
     */
    protected abstract void clearCredential();
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy