You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ab...@apache.org on 2021/09/28 19:50:48 UTC
[ranger] branch master updated: RANGER-3441:PropertiesUtil (Admin)
logging potentially sensitive data
This is an automated email from the ASF dual-hosted git repository.
abhay pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new f599c91 RANGER-3441:PropertiesUtil (Admin) logging potentially sensitive data
new 0ffc660 Merge branch 'master' of https://gitbox.apache.org/repos/asf/ranger
f599c91 is described below
commit f599c916d84461847613560f856be47438bda884
Author: Abhishek Kumar <ab...@gmail.com>
AuthorDate: Tue Sep 28 12:33:35 2021 -0700
RANGER-3441:PropertiesUtil (Admin) logging potentially sensitive data
---
.../src/main/java/org/apache/ranger/common/PropertiesUtil.java | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java b/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java
index 80a2d60..0ad7abb 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java
@@ -62,8 +62,7 @@ public class PropertiesUtil extends PropertyPlaceholderConfigurer {
Set<Object> keySet = System.getProperties().keySet();
for (Object key : keySet) {
String keyStr = key.toString();
- propertiesMap.put(keyStr, System.getProperties()
- .getProperty(keyStr).trim());
+ propertiesMap.put(keyStr, System.getProperties().getProperty(keyStr).trim());
}
// Let's add our properties now
@@ -321,8 +320,9 @@ public class PropertiesUtil extends PropertyPlaceholderConfigurer {
keySet = props.keySet();
for (Object key : keySet) {
String keyStr = key.toString();
- logger.debug("PropertiesUtil:[" + keyStr + "][" +
- (keyStr.contains("password") || keyStr.contains("keystore.pass") ? "********]" : props.get(keyStr)) + "]");
+ if (logger.isDebugEnabled()) {
+ logger.debug("PropertiesUtil:[" + keyStr + "][" + (keyStr.toLowerCase().contains("pass") ? "********]" : props.get(keyStr)) + "]");
+ }
}
super.processProperties(beanFactory, props);