@DanielDeogun @DanielSawano #SecureByDesign Read-once Object public final class SensitiveValue implements Externalizable {

private transient final AtomicReference<String> value ;

public SensitiveValue( final String value) {

// Check domain-specific invariants

this . value

new AtomicReference<>(value); }

public String value() {

return notNull ( value .getAndSet( null ), "Sensitive value has already been consumed" ); }

@Override

public String toString() {

return "SensitiveValue{value=*****}" ; }

@Override

public void writeExternal( final ObjectOutput out) {

throw new UnsupportedOperationException( "Not allowed on sensitive value" ); }

@Override

public void readExternal( final ObjectInput in) {

throw new UnsupportedOperationException( "Not allowed on sensitive value" ); } }