You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by ff...@apache.org on 2018/10/08 01:26:47 UTC
[cxf] branch 3.2.x-fixes updated (0b3a4fe -> 2582777)
This is an automated email from the ASF dual-hosted git repository.
ffang pushed a change to branch 3.2.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git.
from 0b3a4fe Recording .gitmergeinfo Changes
new f765275 [CXF-7828]shouldn't log JMS password from JMS address when using JMS transport
new 764a770 [CXF-7827]use .toString() instead of classcast
new 6b76ed7 [CXF-7827]also update the test
new 2582777 [CXF-7827]a bit revise
The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../cxf/common/logging/RegexLoggingFilter.java | 117 +++++++++++++++++++++
.../java/org/apache/cxf/endpoint/ServerImpl.java | 11 +-
.../logging/RegexLoggingFilterTest.java} | 24 ++---
3 files changed, 137 insertions(+), 15 deletions(-)
create mode 100644 core/src/main/java/org/apache/cxf/common/logging/RegexLoggingFilter.java
copy core/src/test/java/org/apache/cxf/{version/VersionTest.java => common/logging/RegexLoggingFilterTest.java} (61%)
[cxf] 01/04: [CXF-7828]shouldn't log JMS password from JMS address
when using JMS transport
Posted by ff...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
ffang pushed a commit to branch 3.2.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit f765275c79bc4d8dadf0a8adc51ccc4c8121ca29
Author: Freeman Fang <fr...@gmail.com>
AuthorDate: Mon Aug 27 16:20:53 2018 +0800
[CXF-7828]shouldn't log JMS password from JMS address when using JMS transport
(cherry picked from commit c1da5b05663fd21a6482af06dbf6fc77cf324529)
---
.../cxf/common/logging/RegexLoggingFilter.java | 117 +++++++++++++++++++++
.../java/org/apache/cxf/endpoint/ServerImpl.java | 11 +-
.../cxf/common/logging/RegexLoggingFilterTest.java | 36 +++++++
3 files changed, 163 insertions(+), 1 deletion(-)
diff --git a/core/src/main/java/org/apache/cxf/common/logging/RegexLoggingFilter.java b/core/src/main/java/org/apache/cxf/common/logging/RegexLoggingFilter.java
new file mode 100644
index 0000000..098b797
--- /dev/null
+++ b/core/src/main/java/org/apache/cxf/common/logging/RegexLoggingFilter.java
@@ -0,0 +1,117 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.common.logging;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+public class RegexLoggingFilter {
+
+ public static final String DEFAULT_REPLACEMENT = "*****";
+
+ private static class ReplaceRegEx {
+ private Pattern pattern;
+ private int group = 1;
+ private String replacement;
+
+ ReplaceRegEx(String pattern, int group, String replacement) {
+ this.pattern = Pattern.compile(pattern);
+ this.group = group;
+ this.replacement = replacement;
+ }
+
+ public CharSequence filter(CharSequence command) {
+ Matcher m = pattern.matcher(command);
+ int offset = 0;
+ while (m.find()) {
+ int origLen = command.length();
+ command = new StringBuilder(command)
+ .replace(m.start(group) + offset, m.end(group) + offset, replacement).toString();
+ offset += command.length() - origLen;
+ }
+ return command;
+ }
+ }
+
+ private String regPattern;
+ private int regGroup = 1;
+ private String regReplacement = DEFAULT_REPLACEMENT;
+
+ private List<ReplaceRegEx> regexs = new ArrayList<ReplaceRegEx>();
+
+ public CharSequence filter(CharSequence command) {
+ if (regPattern != null) {
+ command = new ReplaceRegEx(regPattern, regGroup, regReplacement).filter(command);
+ }
+ for (ReplaceRegEx regex : regexs) {
+ command = regex.filter(command);
+ }
+ return command;
+ }
+
+ public void addRegEx(String pattern) {
+ addRegEx(pattern, 1);
+ }
+
+ public void addRegEx(String pattern, int group) {
+ addRegEx(pattern, group, DEFAULT_REPLACEMENT);
+ }
+
+ public void addRegEx(String pattern, int group, String replacement) {
+ regexs.add(new ReplaceRegEx(pattern, group, replacement));
+ }
+
+ public void addCommandOption(String option, String... commands) {
+ String pattern = "(";
+ for (String command : commands) {
+ if (pattern.length() > 1) {
+ pattern += "|";
+ }
+ pattern += Pattern.quote(command);
+ }
+ pattern += ") +.*?" + Pattern.quote(option) + " +([^ ]+)";
+ regexs.add(new ReplaceRegEx(pattern, 2, DEFAULT_REPLACEMENT));
+ }
+
+ public String getPattern() {
+ return regPattern;
+ }
+
+ public void setPattern(String pattern) {
+ this.regPattern = pattern;
+ }
+
+ public String getReplacement() {
+ return regReplacement;
+ }
+
+ public void setReplacement(String replacement) {
+ this.regReplacement = replacement;
+ }
+
+ public int getGroup() {
+ return regGroup;
+ }
+
+ public void setGroup(int group) {
+ this.regGroup = group;
+ }
+}
diff --git a/core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java b/core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java
index 6437418..089859c 100644
--- a/core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java
+++ b/core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java
@@ -30,6 +30,7 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusException;
import org.apache.cxf.binding.BindingFactory;
import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.common.logging.RegexLoggingFilter;
import org.apache.cxf.management.InstrumentationManager;
import org.apache.cxf.service.model.EndpointInfo;
import org.apache.cxf.transport.Destination;
@@ -82,7 +83,15 @@ public class ServerImpl implements Server {
}
destination = destinationFactory.getDestination(ei, bus);
- LOG.info("Setting the server's publish address to be " + ei.getAddress());
+ String wantFilter = ei.getAddress();
+
+ if (wantFilter != null && wantFilter.startsWith("jms")) {
+ RegexLoggingFilter filter = new RegexLoggingFilter();
+ filter.setPattern("jms(.*?)password=+([^ ]+)[.]");
+ filter.setGroup(2);
+ wantFilter = (String)filter.filter(wantFilter);
+ }
+ LOG.info("Setting the server's publish address to be " + wantFilter);
serverRegistry = bus.getExtension(ServerRegistry.class);
mep = createManagedEndpoint();
diff --git a/core/src/test/java/org/apache/cxf/common/logging/RegexLoggingFilterTest.java b/core/src/test/java/org/apache/cxf/common/logging/RegexLoggingFilterTest.java
new file mode 100644
index 0000000..f153d72
--- /dev/null
+++ b/core/src/test/java/org/apache/cxf/common/logging/RegexLoggingFilterTest.java
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.common.logging;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+public class RegexLoggingFilterTest extends Assert {
+
+ @Test
+ public void testFilter() throws Exception {
+ String wantFilter = "jms:queue:soapRequestQueue?username=admin&password=admin123.";
+ RegexLoggingFilter filter = new RegexLoggingFilter();
+ filter.setPattern("jms(.*?)password=+([^ ]+)[.]");
+ filter.setGroup(2);
+ wantFilter = (String)filter.filter(wantFilter);
+ assertEquals(wantFilter, "jms:queue:soapRequestQueue?username=admin&password=*****.");
+ }
+
+}
[cxf] 02/04: [CXF-7827]use .toString() instead of classcast
Posted by ff...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
ffang pushed a commit to branch 3.2.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 764a770854c16f407e49cb3ca162b6b1a5152208
Author: Freeman Fang <fr...@gmail.com>
AuthorDate: Mon Aug 27 17:15:22 2018 +0800
[CXF-7827]use .toString() instead of classcast
(cherry picked from commit b04ed235952c9352454b1780c54a5d86375e6990)
---
core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java b/core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java
index 089859c..b6ade80 100644
--- a/core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java
+++ b/core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java
@@ -89,7 +89,7 @@ public class ServerImpl implements Server {
RegexLoggingFilter filter = new RegexLoggingFilter();
filter.setPattern("jms(.*?)password=+([^ ]+)[.]");
filter.setGroup(2);
- wantFilter = (String)filter.filter(wantFilter);
+ wantFilter = filter.filter(wantFilter).toString();
}
LOG.info("Setting the server's publish address to be " + wantFilter);
serverRegistry = bus.getExtension(ServerRegistry.class);
[cxf] 03/04: [CXF-7827]also update the test
Posted by ff...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
ffang pushed a commit to branch 3.2.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 6b76ed744661f2cb94b52e943fc42b668a341b40
Author: Freeman Fang <fr...@gmail.com>
AuthorDate: Mon Aug 27 17:29:58 2018 +0800
[CXF-7827]also update the test
(cherry picked from commit 25f2ad8d62ead6f4ec0589a3d029252319d918db)
---
.../test/java/org/apache/cxf/common/logging/RegexLoggingFilterTest.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/src/test/java/org/apache/cxf/common/logging/RegexLoggingFilterTest.java b/core/src/test/java/org/apache/cxf/common/logging/RegexLoggingFilterTest.java
index f153d72..7b77941 100644
--- a/core/src/test/java/org/apache/cxf/common/logging/RegexLoggingFilterTest.java
+++ b/core/src/test/java/org/apache/cxf/common/logging/RegexLoggingFilterTest.java
@@ -29,7 +29,7 @@ public class RegexLoggingFilterTest extends Assert {
RegexLoggingFilter filter = new RegexLoggingFilter();
filter.setPattern("jms(.*?)password=+([^ ]+)[.]");
filter.setGroup(2);
- wantFilter = (String)filter.filter(wantFilter);
+ wantFilter = filter.filter(wantFilter).toString();
assertEquals(wantFilter, "jms:queue:soapRequestQueue?username=admin&password=*****.");
}
[cxf] 04/04: [CXF-7827]a bit revise
Posted by ff...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
ffang pushed a commit to branch 3.2.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 2582777223d7373c2201606a537db6b7980c7c5e
Author: Freeman Fang <fr...@gmail.com>
AuthorDate: Fri Aug 31 11:00:17 2018 +0800
[CXF-7827]a bit revise
(cherry picked from commit ce2fcd19c63b7f666b778d482c5aa40e0e0c1828)
---
core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java | 2 +-
.../java/org/apache/cxf/common/logging/RegexLoggingFilterTest.java | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java b/core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java
index b6ade80..d24a9ea 100644
--- a/core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java
+++ b/core/src/main/java/org/apache/cxf/endpoint/ServerImpl.java
@@ -87,7 +87,7 @@ public class ServerImpl implements Server {
if (wantFilter != null && wantFilter.startsWith("jms")) {
RegexLoggingFilter filter = new RegexLoggingFilter();
- filter.setPattern("jms(.*?)password=+([^ ]+)[.]");
+ filter.setPattern("jms(.*?)password=+([^ ]+)");
filter.setGroup(2);
wantFilter = filter.filter(wantFilter).toString();
}
diff --git a/core/src/test/java/org/apache/cxf/common/logging/RegexLoggingFilterTest.java b/core/src/test/java/org/apache/cxf/common/logging/RegexLoggingFilterTest.java
index 7b77941..f883e13 100644
--- a/core/src/test/java/org/apache/cxf/common/logging/RegexLoggingFilterTest.java
+++ b/core/src/test/java/org/apache/cxf/common/logging/RegexLoggingFilterTest.java
@@ -27,10 +27,10 @@ public class RegexLoggingFilterTest extends Assert {
public void testFilter() throws Exception {
String wantFilter = "jms:queue:soapRequestQueue?username=admin&password=admin123.";
RegexLoggingFilter filter = new RegexLoggingFilter();
- filter.setPattern("jms(.*?)password=+([^ ]+)[.]");
+ filter.setPattern("jms(.*?)password=+([^ ]+)");
filter.setGroup(2);
wantFilter = filter.filter(wantFilter).toString();
- assertEquals(wantFilter, "jms:queue:soapRequestQueue?username=admin&password=*****.");
+ assertEquals(wantFilter, "jms:queue:soapRequestQueue?username=admin&password=*****");
}
}