[jboss-cvs] JBossAS SVN: r79327 - branches/Branch_4_2/security/src/main/org/jboss/security/auth/login.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Oct 9 23:08:39 EDT 2008
Author: mmoyses
Date: 2008-10-09 23:08:39 -0400 (Thu, 09 Oct 2008)
New Revision: 79327
Modified:
branches/Branch_4_2/security/src/main/org/jboss/security/auth/login/AuthenticationInfo.java
Log:
JBAS-6069: masked passwords/credentials
Modified: branches/Branch_4_2/security/src/main/org/jboss/security/auth/login/AuthenticationInfo.java
===================================================================
--- branches/Branch_4_2/security/src/main/org/jboss/security/auth/login/AuthenticationInfo.java 2008-10-10 02:13:27 UTC (rev 79326)
+++ branches/Branch_4_2/security/src/main/org/jboss/security/auth/login/AuthenticationInfo.java 2008-10-10 03:08:39 UTC (rev 79327)
@@ -29,6 +29,8 @@
import java.util.Iterator;
import java.util.Map;
import java.util.Map.Entry;
+
+import javax.naming.Context;
import javax.security.auth.AuthPermission;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.AppConfigurationEntry;
@@ -139,8 +141,13 @@
while( iter.hasNext() )
{
Entry e = (Entry) iter.next();
- buffer.append("name="+e.getKey());
- buffer.append(", value="+e.getValue());
+ String name = (String) e.getKey();
+ String value = (String) e.getValue();
+ if (name.toLowerCase().equals("password") || name.toLowerCase().equals("bindcredential")
+ || name.toLowerCase().equals(Context.SECURITY_CREDENTIALS))
+ value = "****";
+ buffer.append("name="+name);
+ buffer.append(", value="+value);
buffer.append("\n");
}
}
More information about the jboss-cvs-commits
mailing list