You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by gg...@apache.org on 2020/08/11 20:00:03 UTC
[commons-dbcp] branch master updated: Mask out user name and
password from DriverAdapterCPDS.toString().
This is an automated email from the ASF dual-hosted git repository.
ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-dbcp.git
The following commit(s) were added to refs/heads/master by this push:
new 0d585e3 Mask out user name and password from DriverAdapterCPDS.toString().
0d585e3 is described below
commit 0d585e3ee8efa99063f01b3b05d3f6ce20615f1c
Author: Gary Gregory <ga...@gmail.com>
AuthorDate: Tue Aug 11 15:59:55 2020 -0400
Mask out user name and password from DriverAdapterCPDS.toString().
---
src/changes/changes.xml | 3 +++
.../commons/dbcp2/cpdsadapter/DriverAdapterCPDS.java | 15 ++++++++++-----
2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 05ddbd0..141096d 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -82,6 +82,9 @@ The <action> type attribute can be add,update,fix,remove.
<action dev="ggregory" type="update" due-to="DoiMasayuki, Alexander Norz, Gary Gregory">
Update to PR#36 - PrepareStatement and prepareCall methods are extracted #37.
</action>
+ <action dev="ggregory" type="update" due-to="Gary Gregory">
+ Mask out user name and password from DriverAdapterCPDS.toString().
+ </action>
<action dev="ggregory" type="update" issue="DBCP-650" due-to="Gary Gregory, Dependabot">
Update Apache Commons Pool from 2.7.0 to 2.8.1, #48.
</action>
diff --git a/src/main/java/org/apache/commons/dbcp2/cpdsadapter/DriverAdapterCPDS.java b/src/main/java/org/apache/commons/dbcp2/cpdsadapter/DriverAdapterCPDS.java
index b7166ab..fb98161 100644
--- a/src/main/java/org/apache/commons/dbcp2/cpdsadapter/DriverAdapterCPDS.java
+++ b/src/main/java/org/apache/commons/dbcp2/cpdsadapter/DriverAdapterCPDS.java
@@ -754,11 +754,8 @@ public class DriverAdapterCPDS implements ConnectionPoolDataSource, Referenceabl
builder.append(getConnectionCalled);
builder.append(", connectionProperties=");
Properties tmpProps = connectionProperties;
- final String pwdKey = "password";
- if (connectionProperties != null && connectionProperties.contains(pwdKey)) {
- tmpProps = (Properties) connectionProperties.clone();
- tmpProps.remove(pwdKey);
- }
+ tmpProps = mask(tmpProps, "user");
+ tmpProps = mask(tmpProps, "password");
builder.append(tmpProps);
builder.append(", accessToUnderlyingConnectionAllowed=");
builder.append(accessToUnderlyingConnectionAllowed);
@@ -766,6 +763,14 @@ public class DriverAdapterCPDS implements ConnectionPoolDataSource, Referenceabl
return builder.toString();
}
+ private Properties mask(Properties properties, final String maskValueAtKey) {
+ if (connectionProperties != null && connectionProperties.contains(maskValueAtKey)) {
+ properties = (Properties) connectionProperties.clone();
+ properties.put(maskValueAtKey, "[" + maskValueAtKey + "]");
+ }
+ return properties;
+ }
+
private void update(final Properties properties, final String key, final String value) {
if (properties != null && key != null) {
if (value == null) {