[jboss-cvs] JBossAS SVN: r79327 - branches/Branch_4_2/security/src/main/org/jboss/security/auth/login.

[jboss-cvs-commits at lists.jboss.org]

Author: mmoyses
Date: 2008-10-09 23:08:39 -0400 (Thu, 09 Oct 2008)
New Revision: 79327

Modified:
   branches/Branch_4_2/security/src/main/org/jboss/security/auth/login/AuthenticationInfo.java
Log:
JBAS-6069: masked passwords/credentials

Modified: branches/Branch_4_2/security/src/main/org/jboss/security/auth/login/AuthenticationInfo.java
===================================================================
--- branches/Branch_4_2/security/src/main/org/jboss/security/auth/login/AuthenticationInfo.java	2008-10-10 02:13:27 UTC (rev 79326)
+++ branches/Branch_4_2/security/src/main/org/jboss/security/auth/login/AuthenticationInfo.java	2008-10-10 03:08:39 UTC (rev 79327)
@@ -29,6 +29,8 @@
 import java.util.Iterator;
 import java.util.Map;
 import java.util.Map.Entry;
+
+import javax.naming.Context;
 import javax.security.auth.AuthPermission;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.login.AppConfigurationEntry;
@@ -139,8 +141,13 @@
          while( iter.hasNext() )
          {
             Entry e = (Entry) iter.next();
-            buffer.append("name="+e.getKey());
-            buffer.append(", value="+e.getValue());
+            String name = (String) e.getKey();
+            String value = (String) e.getValue();
+            if (name.toLowerCase().equals("password") || name.toLowerCase().equals("bindcredential") 
+                  || name.toLowerCase().equals(Context.SECURITY_CREDENTIALS))
+               value = "****";
+            buffer.append("name="+name);
+            buffer.append(", value="+value);
             buffer.append("\n");
          }
       }