You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@continuum.apache.org by ev...@apache.org on 2008/10/08 07:03:11 UTC
svn commit: r702698 -
/continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/AbstractContinuumProjectBuilder.java
Author: evenisse
Date: Tue Oct 7 22:03:10 2008
New Revision: 702698
URL: http://svn.apache.org/viewvc?rev=702698&view=rev
Log:
[CONTINUUM-1914] Hide passwords in continuum logs
Modified:
continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/AbstractContinuumProjectBuilder.java
Modified: continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/AbstractContinuumProjectBuilder.java
URL: http://svn.apache.org/viewvc/continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/AbstractContinuumProjectBuilder.java?rev=702698&r1=702697&r2=702698&view=diff
==============================================================================
--- continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/AbstractContinuumProjectBuilder.java (original)
+++ continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/AbstractContinuumProjectBuilder.java Tue Oct 7 22:03:10 2008
@@ -19,17 +19,6 @@
* under the License.
*/
-import java.io.File;
-import java.io.FileNotFoundException;
-import java.io.FileWriter;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.MalformedURLException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.URL;
-import java.net.UnknownHostException;
-
import org.apache.commons.io.IOUtils;
import org.apache.http.HttpException;
import org.apache.http.HttpResponse;
@@ -57,6 +46,17 @@
import org.codehaus.plexus.util.IOUtil;
import org.codehaus.plexus.util.StringUtils;
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileWriter;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.net.URL;
+import java.net.UnknownHostException;
+
/**
* @author <a href="mailto:trygvis@inamo.no">Trygve Laugstøl</a>
@@ -68,23 +68,23 @@
{
private static final String TMP_DIR = System.getProperty( "java.io.tmpdir" );
-
+
private DefaultHttpClient httpClient;
-
-
+
+
public void initialize()
throws InitializationException
{
SchemeRegistry schemeRegistry = new SchemeRegistry();
// http scheme
- schemeRegistry.register( new Scheme( "http", PlainSocketFactory.getSocketFactory(), 80 ) );
+ schemeRegistry.register( new Scheme( "http", PlainSocketFactory.getSocketFactory(), 80 ) );
// https scheme
- SSLSocketFactory sslSocketFactory = SSLSocketFactory.getSocketFactory();
-
+ SSLSocketFactory sslSocketFactory = SSLSocketFactory.getSocketFactory();
+
// ignore cert
sslSocketFactory.setHostnameVerifier( SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER );
schemeRegistry.register( new Scheme( "https", sslSocketFactory, 443 ) );
-
+
HttpParams params = new BasicHttpParams();
// TODO put this values to a configuration way ???
params.setParameter( ConnManagerPNames.MAX_TOTAL_CONNECTIONS, new Integer( 30 ) );
@@ -92,24 +92,30 @@
HttpProtocolParams.setVersion( params, HttpVersion.HTTP_1_1 );
ClientConnectionManager cm = new ThreadSafeClientConnManager( params, schemeRegistry );
-
+
httpClient = new DefaultHttpClient( cm, params );
-
+
}
- protected File createMetadataFile( URL metadata, String username, String password, ContinuumProjectBuildingResult result )
+ protected File createMetadataFile( URL metadata, String username, String password,
+ ContinuumProjectBuildingResult result )
throws IOException, URISyntaxException, HttpException
{
- getLogger().info( "Downloading " + metadata.toExternalForm() );
+ String url = metadata.toExternalForm();
+ if ( metadata.getProtocol().startsWith( "http" ) )
+ {
+ url = hidePasswordInUrl( url );
+ }
+ getLogger().info( "Downloading " + url );
InputStream is = null;
-
+
if ( metadata.getProtocol().startsWith( "http" ) )
{
URI uri = metadata.toURI();
HttpGet httpGet = new HttpGet( uri );
-
+
// basic auth
if ( username != null && password != null )
{
@@ -117,21 +123,21 @@
.setCredentials( new AuthScope( uri.getHost(), uri.getPort() ),
new UsernamePasswordCredentials( username, password ) );
}
-
+
HttpResponse httpResponse = httpClient.execute( httpGet );
-
+
// basic auth
int res = httpResponse.getStatusLine().getStatusCode();
- switch (res)
+ switch ( res )
{
- case 200 :
+ case 200:
break;
case 401:
getLogger().error( "Error adding project: Unauthorized " + metadata, null );
result.addError( ContinuumProjectBuildingResult.ERROR_UNAUTHORIZED );
return null;
- default :
+ default:
getLogger().warn( "skip non handled http return code " + res );
}
is = IOUtils.toInputStream( EntityUtils.toString( httpResponse.getEntity(), EntityUtils
@@ -178,9 +184,9 @@
// FIXME should deleted after has been reading
File uploadDirectory = new File( continuumTmpDir, baseDirectory );
-
+
uploadDirectory.deleteOnExit();
-
+
// resolve any '..' as it will cause issues
uploadDirectory = uploadDirectory.getCanonicalFile();
@@ -203,6 +209,22 @@
return file;
}
+ private String hidePasswordInUrl( String url )
+ {
+ int indexAt = url.indexOf( "@" );
+
+ if ( indexAt < 0 )
+ {
+ return url;
+ }
+
+ String s = url.substring( 0, indexAt );
+
+ int pos = s.lastIndexOf( ":" );
+
+ return s.substring( 0, pos + 1 ) + "*****" + url.substring( indexAt );
+ }
+
/**
* Create metadata file and handle exceptions, adding the errors to the result object.
*
@@ -233,7 +255,7 @@
{
getLogger().info( "Malformed URL: " + metadata, e );
result.addError( ContinuumProjectBuildingResult.ERROR_MALFORMED_URL );
- }
+ }
catch ( UnknownHostException e )
{
getLogger().info( "Unknown host: " + metadata, e );
@@ -248,7 +270,7 @@
{
getLogger().warn( "Could not download the URL: " + metadata, e );
result.addError( ContinuumProjectBuildingResult.ERROR_UNKNOWN );
- }
+ }
return null;
}