Possible Duplicate:
Java String.equals versus ==
I'm trying to make a simple user/password system in Java. My code is:
Scanner sc = new Scanner (System.in);
System.out.println("Enter Username :");
String username = sc.nextLine();
System.out.println("Enter Password :");
String password = sc.nextLine();
if (username == "a" && password == "b"){
System.out.print("ok");
}
Or
if (username == 'a' && password == 'b')
I want to make a simple login with user a and pass b but it doesn't work.
To mask the password, prefer java.io.Console.readPassword() class to Scanner :
String username = null;
String password = null;
Console console = System.console();
System.out.print( "Username: " );
username = console.readLine();
System.out.print( "Password: " );
password = new String( console.readPassword());
System.out.println( "Username = " + username );
System.out.println( "Password = " + password );
if (username.equals( "a" ) && password.equals( "b" )) {
System.out.print( "ok" );
}
Another advice to enforce security: the password variable should be locale to be garbaged.
console.readPassword() returns an array of char, you may compare char by char without allocating a String, it's more secure even if it's more code to write (it's because the sample code I provided use a String).
always check for string equality using equals() method
if (username == "a" && password == "b"){
should be
if (username.equals("a") && password.equals("b")){
use == operator to check if two primitives have the same value and two object references point to the same reference.
use .equals() method to check if two objects are meaningfully equal
