You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by as...@apache.org on 2020/07/09 23:02:48 UTC
[cxf] branch feature/CXF-8099_mask_sensitive_logging_elements
updated (a99ff2c -> b8f66bb)
This is an automated email from the ASF dual-hosted git repository.
ashakirin pushed a change to branch feature/CXF-8099_mask_sensitive_logging_elements
in repository https://gitbox.apache.org/repos/asf/cxf.git.
from a99ff2c CXF-8099: updated method names, removed unused optional
add 7a13bff Adding JAX-WS integration test for DefaultBasicAuthSupplier
add 9a5b456 CXF-8307: Invalid class generated if resource contains hyphen
add 5baa0c0 Eclipse the 3.1 servlet api from test scope to avoid compiler issues in eclipse
add bbf08b7 Upgrade to Jetty 9.4.30.v20200611
add e916cd3 Upgrade to Maven War Plugin 3.3.0
add 8ac741a Changing whitelist to allowlist
add 02de4c4 CXF-8313: Updated to Swagger Core 2.1.3 / 1.6.2, Jackson 2.11.1 (#682)
add 83724e7 Updating Tomcat to 9.0.37
add da40460 [CXF-8257]Logger no longer logs bad requests
add ad78161 Updating BouncyCastle to 1.66
add 77d1544 Merge branch 'master' of github.com:apache/cxf
add ef69713 CXF-8310 - JMS transport with flag oneSessionPerConnection causes reconnection to not work. Thanks to Dieter Brandt for the patch.
add a0f76d6 CXF-8311 - OAuth 2.0: Refresh token redemption unexpectedly fails with invalid_grant error
add 247835a [CXF-8281]add a test for using Chinese as attachment file name
add 2ff8c81 Update to hsqldb 2.5.1
add 9c6958c Update to hibernate em 5.4.18.Final
add bf85fd1 Add some restrictions on the length of URLs passed through to the STS StaticService
add 85f83da Downgrage hsqldb version to 2.5.0
add 47a21d4 remove hibernate persistence api dependency
new b8f66bb Merge branch 'master' into feature/CXF-8099_mask_sensitive_logging_elements
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../cxf/common/logging/RegexLoggingFilterTest.java | 3 +-
distribution/src/main/release/samples/pom.xml | 4 +-
.../karaf/features/src/main/resources/features.xml | 3 +-
parent/pom.xml | 19 +++--
pom.xml | 5 --
.../ext/logging/AbstractLoggingInterceptor.java | 3 +-
.../cxf/ext/logging/LoggingInInterceptor.java | 24 ++++++
rt/frontend/jaxrs/pom.xml | 4 +
.../apache/cxf/jaxrs/model/wadl/WadlGenerator.java | 14 ++--
.../cxf/jaxrs/model/wadl/WadlGeneratorTest.java | 8 +-
.../httpsignature/utils/SignatureHeaderUtils.java | 2 +-
rt/rs/security/oauth-parent/oauth2/pom.xml | 10 +--
.../grants/refresh/RefreshTokenGrantHandler.java | 2 +-
.../cxf/rs/security/oauth2/utils/OAuthUtils.java | 13 +++-
rt/rs/security/sso/oidc/pom.xml | 10 +--
.../apache/cxf/transport/jms/JMSDestination.java | 2 +-
.../jms/util/PollingMessageListenerContainer.java | 6 ++
.../org/apache/cxf/sts/service/StaticService.java | 24 ++++++
.../apache/cxf/sts/service/StaticServiceTest.java | 68 ++++++++++++++++
.../apache/cxf/systest/jaxrs/AtomBookStore.java | 3 +
.../apache/cxf/systest/jaxrs/AtomBookStore2.java | 3 +
.../apache/cxf/systest/jaxrs/AtomBookStore3.java | 3 +
.../cxf/systest/jaxws/JaxwsAsyncFailOverTest.java | 6 ++
...ncFailOverTest.java => JaxwsBasicAuthTest.java} | 86 ++++++++++++++-------
systests/rs-security/pom.xml | 16 ++--
.../grants/AuthorizationGrantNegativeTest.java | 46 +++++++++++
.../oauth2/grants/AuthorizationGrantTest.java | 45 +++++++++++
.../apache/cxf/systest/mtom/ClientMtomXopTest.java | 37 +++++++++
.../test/resources/\346\265\213\350\257\225.bmp" | Bin
.../cxf/tools/wadlto/jaxrs/SourceGenerator.java | 2 +-
.../cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java | 22 ++++++
.../{multipleResources.xml => bookstoreHyphen.xml} | 35 +++++----
32 files changed, 428 insertions(+), 100 deletions(-)
create mode 100644 services/sts/sts-core/src/test/java/org/apache/cxf/sts/service/StaticServiceTest.java
copy systests/jaxws/src/test/java/org/apache/cxf/systest/jaxws/{JaxwsAsyncFailOverTest.java => JaxwsBasicAuthTest.java} (52%)
copy systests/uncategorized/src/test/resources/me.bmp => "systests/uncategorized/src/test/resources/\346\265\213\350\257\225.bmp" (100%)
copy tools/wadlto/jaxrs/src/test/resources/wadl/{multipleResources.xml => bookstoreHyphen.xml} (53%)
[cxf] 01/01: Merge branch 'master' into
feature/CXF-8099_mask_sensitive_logging_elements
Posted by as...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
ashakirin pushed a commit to branch feature/CXF-8099_mask_sensitive_logging_elements
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit b8f66bb7c77125560d8d4091ac77258d79401613
Merge: a99ff2c 47a21d4
Author: ashakirin <49...@users.noreply.github.com>
AuthorDate: Fri Jul 10 01:02:15 2020 +0200
Merge branch 'master' into feature/CXF-8099_mask_sensitive_logging_elements
# Conflicts:
# rt/features/logging/src/main/java/org/apache/cxf/ext/logging/AbstractLoggingInterceptor.java
.../cxf/common/logging/RegexLoggingFilterTest.java | 3 +-
distribution/src/main/release/samples/pom.xml | 4 +-
.../karaf/features/src/main/resources/features.xml | 3 +-
parent/pom.xml | 19 +++--
pom.xml | 5 --
.../ext/logging/AbstractLoggingInterceptor.java | 3 +-
.../cxf/ext/logging/LoggingInInterceptor.java | 24 ++++++
rt/frontend/jaxrs/pom.xml | 4 +
.../apache/cxf/jaxrs/model/wadl/WadlGenerator.java | 14 ++--
.../cxf/jaxrs/model/wadl/WadlGeneratorTest.java | 8 +-
.../httpsignature/utils/SignatureHeaderUtils.java | 2 +-
rt/rs/security/oauth-parent/oauth2/pom.xml | 10 +--
.../grants/refresh/RefreshTokenGrantHandler.java | 2 +-
.../cxf/rs/security/oauth2/utils/OAuthUtils.java | 13 +++-
rt/rs/security/sso/oidc/pom.xml | 10 +--
.../apache/cxf/transport/jms/JMSDestination.java | 2 +-
.../jms/util/PollingMessageListenerContainer.java | 6 ++
.../org/apache/cxf/sts/service/StaticService.java | 24 ++++++
.../apache/cxf/sts/service/StaticServiceTest.java | 68 ++++++++++++++++
.../apache/cxf/systest/jaxrs/AtomBookStore.java | 3 +
.../apache/cxf/systest/jaxrs/AtomBookStore2.java | 3 +
.../apache/cxf/systest/jaxrs/AtomBookStore3.java | 3 +
.../cxf/systest/jaxws/JaxwsAsyncFailOverTest.java | 6 ++
...ncFailOverTest.java => JaxwsBasicAuthTest.java} | 86 ++++++++++++++-------
systests/rs-security/pom.xml | 16 ++--
.../grants/AuthorizationGrantNegativeTest.java | 46 +++++++++++
.../oauth2/grants/AuthorizationGrantTest.java | 45 +++++++++++
.../apache/cxf/systest/mtom/ClientMtomXopTest.java | 37 +++++++++
.../test/resources/\346\265\213\350\257\225.bmp" | Bin 0 -> 163166 bytes
.../cxf/tools/wadlto/jaxrs/SourceGenerator.java | 2 +-
.../cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java | 22 ++++++
.../src/test/resources/wadl/bookstoreHyphen.xml | 46 +++++++++++
32 files changed, 454 insertions(+), 85 deletions(-)
diff --cc rt/features/logging/src/main/java/org/apache/cxf/ext/logging/AbstractLoggingInterceptor.java
index 104b6b4,7927359..e4375f8
--- a/rt/features/logging/src/main/java/org/apache/cxf/ext/logging/AbstractLoggingInterceptor.java
+++ b/rt/features/logging/src/main/java/org/apache/cxf/ext/logging/AbstractLoggingInterceptor.java
@@@ -39,8 -34,7 +39,7 @@@ public abstract class AbstractLoggingIn
public static final int DEFAULT_LIMIT = 48 * 1024;
public static final int DEFAULT_THRESHOLD = -1;
public static final String CONTENT_SUPPRESSED = "--- Content suppressed ---";
- private static final String LIVE_LOGGING_PROP = "org.apache.cxf.logging.enable";
-
- protected static final String LIVE_LOGGING_PROP = "org.apache.cxf.logging.enable";
++ protected static final String LIVE_LOGGING_PROP = "org.apache.cxf.logging.enable";
protected int limit = DEFAULT_LIMIT;
protected long threshold = DEFAULT_THRESHOLD;
protected boolean logBinary;
diff --cc rt/features/logging/src/main/java/org/apache/cxf/ext/logging/LoggingInInterceptor.java
index c5da59d,a5ed555..73b72b2
--- a/rt/features/logging/src/main/java/org/apache/cxf/ext/logging/LoggingInInterceptor.java
+++ b/rt/features/logging/src/main/java/org/apache/cxf/ext/logging/LoggingInInterceptor.java
@@@ -64,9 -83,14 +83,14 @@@ public class LoggingInInterceptor exten
public void handleMessage(Message message) throws Fault {
if (isLoggingDisabledNow(message)) {
return;
+ } else {
+ //ensure only logging once for a certain message
+ //this can prevent message logging again when fault
+ //happen after PRE_INVOKE phase(rewind calls into LoggingInFaultInterceptor)
+ message.put(LIVE_LOGGING_PROP, Boolean.FALSE);
}
createExchangeId(message);
- final LogEvent event = eventMapper.map(message);
+ final LogEvent event = eventMapper.map(message, sensitiveProtocolHeaderMap);
if (shouldLogContent(event)) {
addContent(message, event);
} else {