You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by da...@apache.org on 2012/05/05 09:50:59 UTC

svn commit: r1334332 - in /camel/trunk/camel-core/src: main/java/org/apache/camel/impl/ main/java/org/apache/camel/util/ test/java/org/apache/camel/util/

Author: davsclaus
Date: Sat May  5 07:50:59 2012
New Revision: 1334332

URL: http://svn.apache.org/viewvc?rev=1334332&view=rev
Log:
CAMEL-5241: Santize URIs in DEBUG messages. Thanks to Joao Loureiro for the patch.

Modified:
    camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultCamelContext.java
    camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultComponent.java
    camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultProducer.java
    camel/trunk/camel-core/src/main/java/org/apache/camel/util/URISupport.java
    camel/trunk/camel-core/src/test/java/org/apache/camel/util/URISupportTest.java

Modified: camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultCamelContext.java
URL: http://svn.apache.org/viewvc/camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultCamelContext.java?rev=1334332&r1=1334331&r2=1334332&view=diff
==============================================================================
--- camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultCamelContext.java (original)
+++ camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultCamelContext.java Sat May  5 07:50:59 2012
@@ -449,7 +449,7 @@ public class DefaultCamelContext extends
                         answer = component.createEndpoint(uri);
 
                         if (answer != null && log.isDebugEnabled()) {
-                            log.debug("{} converted to endpoint: {} by component: {}", new Object[]{uri, answer, component});
+                            log.debug("{} converted to endpoint: {} by component: {}", new Object[]{URISupport.sanitizeUri(uri), answer, component});
                         }
                     }
                 }

Modified: camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultComponent.java
URL: http://svn.apache.org/viewvc/camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultComponent.java?rev=1334332&r1=1334331&r2=1334332&view=diff
==============================================================================
--- camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultComponent.java (original)
+++ camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultComponent.java Sat May  5 07:50:59 2012
@@ -86,7 +86,7 @@ public abstract class DefaultComponent e
         validateURI(encodedUri, path, parameters);
 
         if (LOG.isDebugEnabled()) {
-            LOG.debug("Creating endpoint uri=[{}], path=[{}], parameters=[{}]", new Object[]{URISupport.sanitizeUri(encodedUri), path, parameters});
+            LOG.debug("Creating endpoint uri=[{}], path=[{}], parameters=[{}]", new Object[]{URISupport.sanitizeUri(encodedUri), URISupport.sanitizePath(path), parameters});
         }
         Endpoint endpoint = createEndpoint(encodedUri, path, parameters);
         if (endpoint == null) {

Modified: camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultProducer.java
URL: http://svn.apache.org/viewvc/camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultProducer.java?rev=1334332&r1=1334331&r2=1334332&view=diff
==============================================================================
--- camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultProducer.java (original)
+++ camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultProducer.java Sat May  5 07:50:59 2012
@@ -21,6 +21,7 @@ import org.apache.camel.Exchange;
 import org.apache.camel.ExchangePattern;
 import org.apache.camel.Producer;
 import org.apache.camel.support.ServiceSupport;
+import org.apache.camel.util.URISupport;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -39,7 +40,7 @@ public abstract class DefaultProducer ex
 
     @Override
     public String toString() {
-        return "Producer[" + endpoint.getEndpointUri() + "]";
+        return "Producer[" + URISupport.sanitizeUri(endpoint.getEndpointUri()) + "]";
     }
 
     public Endpoint getEndpoint() {

Modified: camel/trunk/camel-core/src/main/java/org/apache/camel/util/URISupport.java
URL: http://svn.apache.org/viewvc/camel/trunk/camel-core/src/main/java/org/apache/camel/util/URISupport.java?rev=1334332&r1=1334331&r2=1334332&view=diff
==============================================================================
--- camel/trunk/camel-core/src/main/java/org/apache/camel/util/URISupport.java (original)
+++ camel/trunk/camel-core/src/main/java/org/apache/camel/util/URISupport.java Sat May  5 07:50:59 2012
@@ -46,6 +46,10 @@ public final class URISupport {
     // (applies to URI with authority component and userinfo token in the form "user:password").
     private static final Pattern USERINFO_PASSWORD = Pattern.compile("(.*://.*:)(.*)(@)");
     
+    // Match the user password in the URI path as second capture group
+    // (applies to URI path with authority component and userinfo token in the form "user:password").
+    private static final Pattern PATH_USERINFO_PASSWORD = Pattern.compile("(.*:)(.*)(@)");
+    
     private static final String CHARSET = "UTF-8";
 
     private URISupport() {
@@ -67,6 +71,22 @@ public final class URISupport {
         }
         return sanitized;
     }
+    
+    /**
+     * Removes detected sensitive information (such as passwords) from the
+     * <em>path part</em> of an URI (that is, the part without the query
+     * parameters or component prefix) and returns the result.
+     * 
+     * @param path the URI path to sanitize
+     * @return null if the path is null, otherwise the sanitized path
+     */
+    public static String sanitizePath(String path) {
+        String sanitized = path;
+        if (path != null) {
+            sanitized = PATH_USERINFO_PASSWORD.matcher(sanitized).replaceFirst("$1******$3");
+        }
+        return sanitized;
+    }
 
     public static Map<String, Object> parseQuery(String uri) throws URISyntaxException {
         // must check for trailing & as the uri.split("&") will ignore those

Modified: camel/trunk/camel-core/src/test/java/org/apache/camel/util/URISupportTest.java
URL: http://svn.apache.org/viewvc/camel/trunk/camel-core/src/test/java/org/apache/camel/util/URISupportTest.java?rev=1334332&r1=1334331&r2=1334332&view=diff
==============================================================================
--- camel/trunk/camel-core/src/test/java/org/apache/camel/util/URISupportTest.java (original)
+++ camel/trunk/camel-core/src/test/java/org/apache/camel/util/URISupportTest.java Sat May  5 07:50:59 2012
@@ -176,5 +176,16 @@ public class URISupportTest extends Cont
         String expected = "jt400://GEORGE:******@LIVERPOOL/QSYS.LIB/BEATLES.LIB/PENNYLANE.DTAQ";
         assertEquals(expected, URISupport.sanitizeUri(uri));
     }
+    
+    public void testSanitizePathWithUserInfo() {
+        String path = "GEORGE:HARRISON@LIVERPOOL/QSYS.LIB/BEATLES.LIB/PENNYLANE.PGM";
+        String expected = "GEORGE:******@LIVERPOOL/QSYS.LIB/BEATLES.LIB/PENNYLANE.PGM";
+        assertEquals(expected, URISupport.sanitizePath(path));
+    }
+    
+    public void testSanitizePathWithoutSensitiveInfoIsUnchanged() {
+        String path = "myhost:8080/mypath";
+        assertEquals(path, URISupport.sanitizePath(path));
+    }
 
 }