@Override protected PasswordAuthentication getPasswordAuthentication() { synchronized(this) // http library does not have to synchronize usage { log.debug("host: " + getTargetHost()); return netrc.getCredentials(getTargetHost(), true); } }
private void checkNetrc() { LOGGER.debug("checkNetrc..."); if (!netrcBox1.isSelected()) { return; } LOGGER.debug("creating NetrcFile"); NetrcFile netrc = new NetrcFile(); // since this is for http only, onyl strict hostname matching makes sense PasswordAuthentication pw = netrc.getCredentials(host, true); if (pw != null) { unField.setText(pw.getUserName()); // TODO: SECURITY ISSUE // Doh! After all that work reading the .netrc and never making a password String, I have to // convert it to a String and cannot blank it out; hopefully setText(null) above will be // enough to get rid of that String (eventually) pwField.setText(new String(pw.getPassword())); } else { LOGGER.debug("failed to find " + host + " in NetrcFile"); } } }
NetrcFile f = new NetrcFile(); PasswordAuthentication pa = f.getCredentials(host, true); if (pa != null)