- Direct Known Subclasses:
public abstract class ConfidentialKey extends ObjectConfidential information that gets stored as a singleton in Jenkins, mostly some random token value.
The actual value is persisted via
ConfidentialStore, but each use case that requires a secret like this should use a separate
ConfidentialKeyinstance so that one compromised
ConfidentialKey(say through incorrect usage and failure to protect it) shouldn't compromise all the others.
ConfidentialKeyis ultimately a sequence of bytes, but for convenience, a family of subclasses are provided to represent the secret in different formats. See
HMACConfidentialKeyfor example. In addition to the programming ease, these use case specific subtypes make it harder for vulnerability to creep in by making it harder for the secret to leak.
ConfidentialKeysubtypes are expected to be used as a singleton, like
JnlpAgentReceiver.SLAVE_SECRET. For code that relies on XStream for persistence (such as
SCMs, and other fragment objects around builds and jobs),
Secretprovides more convenient way of storing secrets.
- Kohsuke Kawaguchi
- See Also:
All Methods Instance Methods Concrete Methods Modifier and Type Method Description