From commits-return-61614-archive-asf-public=cust-asf.ponee.io@camel.apache.org Wed Feb 28 16:43:31 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id D6828180657 for ; Wed, 28 Feb 2018 16:43:30 +0100 (CET) Received: (qmail 52606 invoked by uid 500); 28 Feb 2018 15:43:30 -0000 Mailing-List: contact commits-help@camel.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@camel.apache.org Delivered-To: mailing list commits@camel.apache.org Received: (qmail 52597 invoked by uid 99); 28 Feb 2018 15:43:29 -0000 Received: from ec2-52-202-80-70.compute-1.amazonaws.com (HELO gitbox.apache.org) (52.202.80.70) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 28 Feb 2018 15:43:29 +0000 Received: by gitbox.apache.org (ASF Mail Server at gitbox.apache.org, from userid 33) id 5C1E282617; Wed, 28 Feb 2018 15:43:29 +0000 (UTC) Date: Wed, 28 Feb 2018 15:43:29 +0000 To: "commits@camel.apache.org" Subject: [camel] branch camel-2.20.x updated: CAMEL-12305: IntrospectionSupport - Hide sensitive values when logging MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Message-ID: <151983260914.19359.16829700770024353179@gitbox.apache.org> From: davsclaus@apache.org X-Git-Host: gitbox.apache.org X-Git-Repo: camel X-Git-Refname: refs/heads/camel-2.20.x X-Git-Reftype: branch X-Git-Oldrev: b9aaa201b0a2d7158eacc64d9ef54e5b08208df6 X-Git-Newrev: 465fac98edc1c20980517d84fc2cfb957bb92453 X-Git-Rev: 465fac98edc1c20980517d84fc2cfb957bb92453 X-Git-NotificationType: ref_changed_plus_diff X-Git-Multimail-Version: 1.5.dev Auto-Submitted: auto-generated This is an automated email from the ASF dual-hosted git repository. davsclaus pushed a commit to branch camel-2.20.x in repository https://gitbox.apache.org/repos/asf/camel.git The following commit(s) were added to refs/heads/camel-2.20.x by this push: new 465fac9 CAMEL-12305: IntrospectionSupport - Hide sensitive values when logging 465fac9 is described below commit 465fac98edc1c20980517d84fc2cfb957bb92453 Author: Claus Ibsen AuthorDate: Wed Feb 28 16:42:15 2018 +0100 CAMEL-12305: IntrospectionSupport - Hide sensitive values when logging --- .../apache/camel/util/IntrospectionSupport.java | 16 ++++++++++-- .../camel/util/IntrospectionSupportTest.java | 29 ++++++++++++++++++++++ 2 files changed, 43 insertions(+), 2 deletions(-) diff --git a/camel-core/src/main/java/org/apache/camel/util/IntrospectionSupport.java b/camel-core/src/main/java/org/apache/camel/util/IntrospectionSupport.java index 8b66426..5b99692 100644 --- a/camel-core/src/main/java/org/apache/camel/util/IntrospectionSupport.java +++ b/camel-core/src/main/java/org/apache/camel/util/IntrospectionSupport.java @@ -37,6 +37,7 @@ import java.util.Locale; import java.util.Map; import java.util.Map.Entry; import java.util.Set; +import java.util.regex.Pattern; import org.apache.camel.CamelContext; import org.apache.camel.Component; @@ -69,6 +70,7 @@ public final class IntrospectionSupport { @SuppressWarnings("unchecked") private static final LRUCache, ClassInfo> CACHE = LRUCacheFactory.newLRUWeakCache(1000); private static final Object LOCK = new Object(); + private static final Pattern SECRETS = Pattern.compile(".*(passphrase|password|secretKey).*", Pattern.CASE_INSENSITIVE); static { // exclude all java.lang.Object methods as we dont want to invoke them @@ -567,7 +569,12 @@ public final class IntrospectionSupport { setter.setAccessible(true); setter.invoke(target, ref); if (LOG.isTraceEnabled()) { - LOG.trace("Configured property: {} on bean: {} with value: {}", new Object[]{name, target, ref}); + // hide sensitive data + String val = ref != null ? ref.toString() : ""; + if (SECRETS.matcher(name).find()) { + val = "xxxxxx"; + } + LOG.trace("Configured property: {} on bean: {} with value: {}", new Object[]{name, target, val}); } return true; } else { @@ -577,7 +584,12 @@ public final class IntrospectionSupport { setter.setAccessible(true); setter.invoke(target, convertedValue); if (LOG.isTraceEnabled()) { - LOG.trace("Configured property: {} on bean: {} with value: {}", new Object[]{name, target, ref}); + // hide sensitive data + String val = ref != null ? ref.toString() : ""; + if (SECRETS.matcher(name).find()) { + val = "xxxxxx"; + } + LOG.trace("Configured property: {} on bean: {} with value: {}", new Object[]{name, target, val}); } return true; } diff --git a/camel-core/src/test/java/org/apache/camel/util/IntrospectionSupportTest.java b/camel-core/src/test/java/org/apache/camel/util/IntrospectionSupportTest.java index 70be483..cdb3cab 100644 --- a/camel-core/src/test/java/org/apache/camel/util/IntrospectionSupportTest.java +++ b/camel-core/src/test/java/org/apache/camel/util/IntrospectionSupportTest.java @@ -57,6 +57,35 @@ public class IntrospectionSupportTest extends ContextTestSupport { assertEquals("Willem", overloadedBean.getName()); } + public void testPassword() throws Exception { + MyPasswordBean passwordBean = new MyPasswordBean(); + IntrospectionSupport.setProperty(context.getTypeConverter(), passwordBean, "oldPassword", "Donald"); + IntrospectionSupport.setProperty(context.getTypeConverter(), passwordBean, "newPassword", "Duck"); + assertEquals("Donald", passwordBean.getOldPassword()); + assertEquals("Duck", passwordBean.getNewPassword()); + } + + public class MyPasswordBean { + private String oldPassword; + private String newPassword; + + public String getOldPassword() { + return oldPassword; + } + + public void setOldPassword(String oldPassword) { + this.oldPassword = oldPassword; + } + + public String getNewPassword() { + return newPassword; + } + + public void setNewPassword(String newPassword) { + this.newPassword = newPassword; + } + } + public class MyOverloadedBean { private ExampleBean bean; -- To stop receiving notification emails like this one, please contact davsclaus@apache.org.