There is a new API in NetBeans 6.9 (Platform and IDE) for storing passwords securely:
http://bits.netbeans.org/dev/javadoc...g/Keyring.html
If you maintain a module that needs to persist passwords or similar confidential data, use this API rather than relying on ROT-13 obfuscation or the like.
Besides a generic fallback implementation based on a master password (akin to the system in Firefox), there are special implementations unlocked by user login for Gnome ("Passwords and Encryption Keys"); Mac OS X (Keychain); and Windows (custom encrypted storage). If anyone out there is experienced with JNA and/or security APIs and would like to tune one of the implementations, or add support for other platforms (e.g. KWallet), that would be great; just file bug reports blocking
https://netbeans.org/bugzilla/show_bug.cgi?id=173413
The API has few dependencies on the rest of the NB Platform, so it could be broken out into a library on kenai.com if there is sufficient interest. (Since it seems like a fundamental service, in the long run it would be nice to have something similar in the Java platform.)

The above is copied from an e-mail by Jesse Glick on the dev@platform.netbeans.org mailing list from 12/12/2009.


More...