camel-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From davscl...@apache.org
Subject git commit: CAMEL-4974: Added santizie option to JMX to hide sensitive information like password in URIs exposed in JMX MBean names and attributes.
Date Tue, 30 Jul 2013 08:13:41 GMT
Updated Branches:
  refs/heads/master 9d5bd2245 -> d6aa78289


CAMEL-4974: Added santizie option to JMX to hide sensitive information like password in URIs
exposed in JMX MBean names and attributes.


Project: http://git-wip-us.apache.org/repos/asf/camel/repo
Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/d6aa7828
Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/d6aa7828
Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/d6aa7828

Branch: refs/heads/master
Commit: d6aa78289b0a6cda4e9cc4d1fc4db0d2b6a41701
Parents: 9d5bd22
Author: Claus Ibsen <davsclaus@apache.org>
Authored: Tue Jul 30 10:02:16 2013 +0200
Committer: Claus Ibsen <davsclaus@apache.org>
Committed: Tue Jul 30 10:13:30 2013 +0200

----------------------------------------------------------------------
 .../management/DefaultRequiredModelMBean.java   | 24 +++++++++++++++++---
 .../apache/camel/component/jms/JmsEndpoint.java |  2 +-
 .../component/zookeeper/ZooKeeperEndpoint.java  |  2 +-
 3 files changed, 23 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/camel/blob/d6aa7828/camel-core/src/main/java/org/apache/camel/management/DefaultRequiredModelMBean.java
----------------------------------------------------------------------
diff --git a/camel-core/src/main/java/org/apache/camel/management/DefaultRequiredModelMBean.java
b/camel-core/src/main/java/org/apache/camel/management/DefaultRequiredModelMBean.java
index 1af511c..fd6fdad 100644
--- a/camel-core/src/main/java/org/apache/camel/management/DefaultRequiredModelMBean.java
+++ b/camel-core/src/main/java/org/apache/camel/management/DefaultRequiredModelMBean.java
@@ -21,20 +21,22 @@ import javax.management.MBeanException;
 import javax.management.MBeanOperationInfo;
 import javax.management.ReflectionException;
 import javax.management.RuntimeOperationsException;
-import javax.management.modelmbean.ModelMBeanInfo;
 import javax.management.modelmbean.RequiredModelMBean;
 
 import org.apache.camel.util.ObjectHelper;
 import org.apache.camel.util.URISupport;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
- * A {@link RequiredModelMBean} which allows us to intercept invoking operations.
+ * A {@link RequiredModelMBean} which allows us to intercept invoking operations on the MBean.
  * <p/>
  * For example if sanitize has been enabled on JMX, then we use this implementation
  * to hide sensitive information from the returned JMX attributes / operations.
  */
 public class DefaultRequiredModelMBean extends RequiredModelMBean {
 
+    private static final Logger LOG = LoggerFactory.getLogger(DefaultRequiredModelMBean.class);
     private boolean sanitize;
 
     public DefaultRequiredModelMBean() throws MBeanException, RuntimeOperationsException
{
@@ -54,7 +56,7 @@ public class DefaultRequiredModelMBean extends RequiredModelMBean {
         Object answer = super.invoke(opName, opArgs, sig);
         // sanitize the answer if enabled and it was a String type (we cannot sanitize other
types)
         if (sanitize && answer instanceof String && ObjectHelper.isNotEmpty(answer)
&& isSanitizedOperation(opName)) {
-            answer = URISupport.sanitizeUri((String) answer);
+            answer = sanitize(opName, (String) answer);
         }
         return answer;
     }
@@ -71,4 +73,20 @@ public class DefaultRequiredModelMBean extends RequiredModelMBean {
         }
         return false;
     }
+
+    /**
+     * Sanitizes the returned value from invoking the operation
+     *
+     * @param opName  the operation name invoked
+     * @param value   the current value
+     * @return the sanitized value
+     */
+    protected String sanitize(String opName, String value) {
+        String answer = URISupport.sanitizeUri(value);
+        if (LOG.isTraceEnabled()) {
+            LOG.trace("Sanitizing JMX operation: {}.{} value: {} -> {}",
+                    new Object[]{getMBeanInfo().getClassName(), opName, value, answer});
+        }
+        return answer;
+    }
 }

http://git-wip-us.apache.org/repos/asf/camel/blob/d6aa7828/components/camel-jms/src/main/java/org/apache/camel/component/jms/JmsEndpoint.java
----------------------------------------------------------------------
diff --git a/components/camel-jms/src/main/java/org/apache/camel/component/jms/JmsEndpoint.java
b/components/camel-jms/src/main/java/org/apache/camel/component/jms/JmsEndpoint.java
index 0b1741a..e8545fa 100644
--- a/components/camel-jms/src/main/java/org/apache/camel/component/jms/JmsEndpoint.java
+++ b/components/camel-jms/src/main/java/org/apache/camel/component/jms/JmsEndpoint.java
@@ -1130,7 +1130,7 @@ public class JmsEndpoint extends DefaultEndpoint implements HeaderFilterStrategy
         return getCamelContext().getName();
     }
 
-    @ManagedAttribute(description = "Endpoint Uri")
+    @ManagedAttribute(description = "Endpoint Uri", sanitize = true)
     @Override
     public String getEndpointUri() {
         return super.getEndpointUri();

http://git-wip-us.apache.org/repos/asf/camel/blob/d6aa7828/components/camel-zookeeper/src/main/java/org/apache/camel/component/zookeeper/ZooKeeperEndpoint.java
----------------------------------------------------------------------
diff --git a/components/camel-zookeeper/src/main/java/org/apache/camel/component/zookeeper/ZooKeeperEndpoint.java
b/components/camel-zookeeper/src/main/java/org/apache/camel/component/zookeeper/ZooKeeperEndpoint.java
index 369d699..9832eff 100644
--- a/components/camel-zookeeper/src/main/java/org/apache/camel/component/zookeeper/ZooKeeperEndpoint.java
+++ b/components/camel-zookeeper/src/main/java/org/apache/camel/component/zookeeper/ZooKeeperEndpoint.java
@@ -66,7 +66,7 @@ public class ZooKeeperEndpoint extends DefaultEndpoint {
         return connectionManager;
     }
 
-    @ManagedAttribute(description = "Session Password")
+    @ManagedAttribute(description = "Session Password", sanitize = true)
     public byte[] getSessionPassword() {
         return getConfiguration().getSessionPassword();
     }


Mime
View raw message