Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
CraigJPerry 4 days ago

With java theres a GuardedString implementation https://docs.oracle.com/en/middleware/idm/identity-governanc...

otterley 3 days ago | parent | next [-]

It doesn't look like it's a part of the standard API though. That looks like it's some sort of framework API for Oracle Fusion. It's also not open source.

antonvs 3 days ago | parent | prev [-]

Those are primarily for in-memory security. They apparently uses a "known default key" in its serialized form. At least when it comes to logging, that's more like obfuscation than security.

otterley 3 days ago | parent [-]

According to its documentation, you can’t directly log a GuardedString because it doesn’t implement the toString() method. You have to pass it an accessor instance through its access() method to extract the plaintext.