Posted to commits@camel.apache.org by da...@apache.org on 2018/02/28 15:43:27 UTC

[camel] branch master updated: CAMEL-12305: IntrospectionSupport - Hide sensitive values when logging

This is an automated email from the ASF dual-hosted git repository.

davsclaus pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel.git


The following commit(s) were added to refs/heads/master by this push:
     new c6d2d8f  CAMEL-12305: IntrospectionSupport - Hide sensitive values when logging
c6d2d8f is described below

commit c6d2d8fcc0da4b43291925e1bf2276c3b76f8b51
Author: Claus Ibsen <cl...@gmail.com>
AuthorDate: Wed Feb 28 16:42:15 2018 +0100

    CAMEL-12305: IntrospectionSupport - Hide sensitive values when logging
---
 .../apache/camel/util/IntrospectionSupport.java    | 16 ++++++++++--
 .../camel/util/IntrospectionSupportTest.java       | 29 ++++++++++++++++++++++
 2 files changed, 43 insertions(+), 2 deletions(-)

diff --git a/camel-core/src/main/java/org/apache/camel/util/IntrospectionSupport.java b/camel-core/src/main/java/org/apache/camel/util/IntrospectionSupport.java
index 8b66426..5b99692 100644
--- a/camel-core/src/main/java/org/apache/camel/util/IntrospectionSupport.java
+++ b/camel-core/src/main/java/org/apache/camel/util/IntrospectionSupport.java
@@ -37,6 +37,7 @@ import java.util.Locale;
 import java.util.Map;
 import java.util.Map.Entry;
 import java.util.Set;
+import java.util.regex.Pattern;
 
 import org.apache.camel.CamelContext;
 import org.apache.camel.Component;
@@ -69,6 +70,7 @@ public final class IntrospectionSupport {
     @SuppressWarnings("unchecked")
     private static final LRUCache<Class<?>, ClassInfo> CACHE = LRUCacheFactory.newLRUWeakCache(1000);
     private static final Object LOCK = new Object();
+    private static final Pattern SECRETS = Pattern.compile(".*(passphrase|password|secretKey).*", Pattern.CASE_INSENSITIVE);
 
     static {
         // exclude all java.lang.Object methods as we dont want to invoke them
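Review bot: The `SECRETS` deny-list only matches property names containing `passphrase`, `password` or `secretKey`, so any sensitive option named otherwise (for example a token, API key or private key property, if such options exist on the beans configured this way) would still be logged in clear text at TRACE. Consider widening the alternation, e.g. `Pattern.compile("passphrase|password|secret|token|apikey|privatekey", Pattern.CASE_INSENSITIVE)`, and adding a comment that says the list is best-effort and must be extended when new credential-like options appear. The leading and trailing `.*` are redundant because the call sites use `find()`, and they only add backtracking work. The static initializer continues outside this hunk.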
@@ -567,7 +569,12 @@ public final class IntrospectionSupport {
                         setter.setAccessible(true);
                         setter.invoke(target, ref);
                         if (LOG.isTraceEnabled()) {
-                            LOG.trace("Configured property: {} on bean: {} with value: {}", new Object[]{name, target, ref});
+                            // hide sensitive data
+                            String val = ref != null ? ref.toString() : "";
+                            if (SECRETS.matcher(name).find()) {
+                                val = "xxxxxx";
+                            }
+                            LOG.trace("Configured property: {} on bean: {} with value: {}", new Object[]{name, target, val});
                         }
                         return true;
                     } else {
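Review bot: Only the value argument is masked here; `target` is still passed to `LOG.trace` and rendered through its own `toString()`, so a bean whose `toString()` prints its fields could still leak the secret on a later property set. Logging `target.getClass().getName()` for matching names would close that gap. The same five-line block is repeated in the next hunk (the converted-value branch), so a small private static helper would keep the two paths from drifting apart. `ref.toString()` is also evaluated before the name check; `String val = SECRETS.matcher(name).find() ? "xxxxxx" : (ref != null ? ref.toString() : "");` avoids stringifying the secret at all. The enclosing method starts and ends outside this hunk, so other places that may print the value (such as exception messages) are not visible here and are worth checking.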
@@ -577,7 +584,12 @@ public final class IntrospectionSupport {
                         setter.setAccessible(true);
                         setter.invoke(target, convertedValue);
                         if (LOG.isTraceEnabled()) {
-                            LOG.trace("Configured property: {} on bean: {} with value: {}", new Object[]{name, target, ref});
+                            // hide sensitive data
+                            String val = ref != null ? ref.toString() : "";
+                            if (SECRETS.matcher(name).find()) {
+                                val = "xxxxxx";
+                            }
+                            LOG.trace("Configured property: {} on bean: {} with value: {}", new Object[]{name, target, val});
                         }
                         return true;
                     }
diff --git a/camel-core/src/test/java/org/apache/camel/util/IntrospectionSupportTest.java b/camel-core/src/test/java/org/apache/camel/util/IntrospectionSupportTest.java
index 70be483..cdb3cab 100644
--- a/camel-core/src/test/java/org/apache/camel/util/IntrospectionSupportTest.java
+++ b/camel-core/src/test/java/org/apache/camel/util/IntrospectionSupportTest.java
@@ -57,6 +57,35 @@ public class IntrospectionSupportTest extends ContextTestSupport {
         assertEquals("Willem", overloadedBean.getName());
     }
 
+    public void testPassword() throws Exception {
+        MyPasswordBean passwordBean = new MyPasswordBean();
+        IntrospectionSupport.setProperty(context.getTypeConverter(), passwordBean, "oldPassword", "Donald");
+        IntrospectionSupport.setProperty(context.getTypeConverter(), passwordBean, "newPassword", "Duck");
+        assertEquals("Donald", passwordBean.getOldPassword());
+        assertEquals("Duck", passwordBean.getNewPassword());
+    }
+
+    public class MyPasswordBean {
+        private String oldPassword;
+        private String newPassword;
+
+        public String getOldPassword() {
+            return oldPassword;
+        }
+
+        public void setOldPassword(String oldPassword) {
+            this.oldPassword = oldPassword;
+        }
+
+        public String getNewPassword() {
+            return newPassword;
+        }
+
+        public void setNewPassword(String newPassword) {
+            this.newPassword = newPassword;
+        }
+    }
+
     public class MyOverloadedBean {
         private ExampleBean bean;
 
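Review bot: `testPassword` only asserts that the setters received "Donald" and "Duck", which would have passed before this commit as well, so nothing here verifies that the trace output is actually masked. If the masking were extracted into a package-visible helper, the test could assert directly that `oldPassword`/`newPassword` yield `xxxxxx` and that a non-sensitive name passes through unchanged. The `passphrase` and `secretKey` alternatives and the case-insensitive flag are not exercised either. `MyPasswordBean` could be declared `static`, since it does not use the enclosing test instance.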

-- 
To stop receiving notification emails like this one, please contact
davsclaus@apache.org.