You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by da...@apache.org on 2018/02/28 15:43:27 UTC
[camel] branch master updated: CAMEL-12305: IntrospectionSupport -
Hide sensitive values when logging
This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/master by this push:
new c6d2d8f CAMEL-12305: IntrospectionSupport - Hide sensitive values when logging
c6d2d8f is described below
commit c6d2d8fcc0da4b43291925e1bf2276c3b76f8b51
Author: Claus Ibsen <cl...@gmail.com>
AuthorDate: Wed Feb 28 16:42:15 2018 +0100
CAMEL-12305: IntrospectionSupport - Hide sensitive values when logging
---
.../apache/camel/util/IntrospectionSupport.java | 16 ++++++++++--
.../camel/util/IntrospectionSupportTest.java | 29 ++++++++++++++++++++++
2 files changed, 43 insertions(+), 2 deletions(-)
diff --git a/camel-core/src/main/java/org/apache/camel/util/IntrospectionSupport.java b/camel-core/src/main/java/org/apache/camel/util/IntrospectionSupport.java
index 8b66426..5b99692 100644
--- a/camel-core/src/main/java/org/apache/camel/util/IntrospectionSupport.java
+++ b/camel-core/src/main/java/org/apache/camel/util/IntrospectionSupport.java
@@ -37,6 +37,7 @@ import java.util.Locale;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
+import java.util.regex.Pattern;
import org.apache.camel.CamelContext;
import org.apache.camel.Component;
@@ -69,6 +70,7 @@ public final class IntrospectionSupport {
@SuppressWarnings("unchecked")
private static final LRUCache<Class<?>, ClassInfo> CACHE = LRUCacheFactory.newLRUWeakCache(1000);
private static final Object LOCK = new Object();
+ private static final Pattern SECRETS = Pattern.compile(".*(passphrase|password|secretKey).*", Pattern.CASE_INSENSITIVE);
static {
// exclude all java.lang.Object methods as we dont want to invoke them
@@ -567,7 +569,12 @@ public final class IntrospectionSupport {
setter.setAccessible(true);
setter.invoke(target, ref);
if (LOG.isTraceEnabled()) {
- LOG.trace("Configured property: {} on bean: {} with value: {}", new Object[]{name, target, ref});
+ // hide sensitive data
+ String val = ref != null ? ref.toString() : "";
+ if (SECRETS.matcher(name).find()) {
+ val = "xxxxxx";
+ }
+ LOG.trace("Configured property: {} on bean: {} with value: {}", new Object[]{name, target, val});
}
return true;
} else {
@@ -577,7 +584,12 @@ public final class IntrospectionSupport {
setter.setAccessible(true);
setter.invoke(target, convertedValue);
if (LOG.isTraceEnabled()) {
- LOG.trace("Configured property: {} on bean: {} with value: {}", new Object[]{name, target, ref});
+ // hide sensitive data
+ String val = ref != null ? ref.toString() : "";
+ if (SECRETS.matcher(name).find()) {
+ val = "xxxxxx";
+ }
+ LOG.trace("Configured property: {} on bean: {} with value: {}", new Object[]{name, target, val});
}
return true;
}
diff --git a/camel-core/src/test/java/org/apache/camel/util/IntrospectionSupportTest.java b/camel-core/src/test/java/org/apache/camel/util/IntrospectionSupportTest.java
index 70be483..cdb3cab 100644
--- a/camel-core/src/test/java/org/apache/camel/util/IntrospectionSupportTest.java
+++ b/camel-core/src/test/java/org/apache/camel/util/IntrospectionSupportTest.java
@@ -57,6 +57,35 @@ public class IntrospectionSupportTest extends ContextTestSupport {
assertEquals("Willem", overloadedBean.getName());
}
+ public void testPassword() throws Exception {
+ MyPasswordBean passwordBean = new MyPasswordBean();
+ IntrospectionSupport.setProperty(context.getTypeConverter(), passwordBean, "oldPassword", "Donald");
+ IntrospectionSupport.setProperty(context.getTypeConverter(), passwordBean, "newPassword", "Duck");
+ assertEquals("Donald", passwordBean.getOldPassword());
+ assertEquals("Duck", passwordBean.getNewPassword());
+ }
+
+ public class MyPasswordBean {
+ private String oldPassword;
+ private String newPassword;
+
+ public String getOldPassword() {
+ return oldPassword;
+ }
+
+ public void setOldPassword(String oldPassword) {
+ this.oldPassword = oldPassword;
+ }
+
+ public String getNewPassword() {
+ return newPassword;
+ }
+
+ public void setNewPassword(String newPassword) {
+ this.newPassword = newPassword;
+ }
+ }
+
public class MyOverloadedBean {
private ExampleBean bean;
--
To stop receiving notification emails like this one, please contact
davsclaus@apache.org.