Author: davsclaus Date: Thu May 19 07:28:28 2011 New Revision: 1124568 URL: http://svn.apache.org/viewvc?rev=1124568&view=rev Log: CAMEL-3980: Avoid showing plaintext password in exception messages. Thanks to Taariq for the patch.
Added: camel/trunk/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/FtpEndpointURISanitizedTest.java (with props) Modified: camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultEndpoint.java camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultPollingConsumerPollStrategy.java camel/trunk/camel-core/src/main/java/org/apache/camel/util/URISupport.java camel/trunk/camel-core/src/test/java/org/apache/camel/impl/DefaultEndpointTest.java camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/s3/S3Consumer.java camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/s3/S3Producer.java camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sns/SnsProducer.java camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sqs/SqsConsumer.java camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sqs/SqsProducer.java camel/trunk/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/FtpConsumer.java camel/trunk/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/RemoteFileProducer.java Modified: camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultEndpoint.java URL: http://svn.apache.org/viewvc/camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultEndpoint.java?rev=1124568&r1=1124567&r2=1124568&view=diff ============================================================================== --- camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultEndpoint.java (original) +++ camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultEndpoint.java Thu May 19 07:28:28 2011 @@ -19,7 +19,6 @@ package org.apache.camel.impl; import java.lang.reflect.ParameterizedType; import java.lang.reflect.Type; import java.util.Map; -import java.util.regex.Pattern; import org.apache.camel.CamelContext; import org.apache.camel.CamelContextAware; 
@@ -31,6 +30,7 @@ import org.apache.camel.PollingConsumer; import org.apache.camel.spi.HasId; import org.apache.camel.util.EndpointHelper; import org.apache.camel.util.ObjectHelper; +import org.apache.camel.util.URISupport; /** * A default endpoint useful for implementation inheritance. @@ -44,10 +44,6 @@ import org.apache.camel.util.ObjectHelpe */ public abstract class DefaultEndpoint extends ServiceSupport implements Endpoint, HasId, CamelContextAware { - //Match any key-value pair in the URI query string whose key contains "passphrase" or "password" (case-insensitive). - //First capture group is the key, second is the value. - private static final Pattern SECRETS = Pattern.compile("([?&][^=]*(?:passphrase|password|secretKey)[^=]*)=([^&]*)", Pattern.CASE_INSENSITIVE); - private String endpointUri; private CamelContext camelContext; private Component component; @@ -121,7 +117,7 @@ public abstract class DefaultEndpoint ex @Override public String toString() { - return String.format("Endpoint[%s]", sanitizeUri(getEndpointUri())); + return String.format("Endpoint[%s]", URISupport.sanitizeUri(getEndpointUri())); } /** 
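Review bot: Removing the public static `DefaultEndpoint.sanitizeUri` (deleted in the last hunk of this file) is a source-incompatible change for any component outside this commit that still calls it. A deprecated delegate would keep such callers compiling and sanitizing: `@Deprecated public static String sanitizeUri(String uri) { return URISupport.sanitizeUri(uri); }`. The `toString()` change in this hunk is otherwise a straight move to the new helper.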
@@ -295,12 +291,4 @@ public abstract class DefaultEndpoint ex protected void doStop() throws Exception { // noop } - - /** - * Removes detected sensitive information (such as passwords) from the URI and returns the result. - */ - public static String sanitizeUri(String uri) { - return uri == null ? null : SECRETS.matcher(uri).replaceAll("$1=******"); - } - } Modified: camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultPollingConsumerPollStrategy.java URL: http://svn.apache.org/viewvc/camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultPollingConsumerPollStrategy.java?rev=1124568&r1=1124567&r2=1124568&view=diff ============================================================================== --- camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultPollingConsumerPollStrategy.java (original) +++ camel/trunk/camel-core/src/main/java/org/apache/camel/impl/DefaultPollingConsumerPollStrategy.java Thu May 19 07:28:28 2011 @@ -49,7 +49,7 @@ public class DefaultPollingConsumerPollS // only log warn if we are running, otherwise we are just stopping which we should not log the issue in the logs if (runAllowed) { - log.warn("Consumer " + consumer + " could not poll endpoint: " + endpoint.getEndpointUri() + " caused by: " + e.getMessage(), e); + log.warn("Consumer " + consumer + " could not poll endpoint: " + endpoint + " caused by: " + e.getMessage(), e); } // we do not want to retry Modified: camel/trunk/camel-core/src/main/java/org/apache/camel/util/URISupport.java URL: http://svn.apache.org/viewvc/camel/trunk/camel-core/src/main/java/org/apache/camel/util/URISupport.java?rev=1124568&r1=1124567&r2=1124568&view=diff ============================================================================== --- camel/trunk/camel-core/src/main/java/org/apache/camel/util/URISupport.java (original) +++ camel/trunk/camel-core/src/main/java/org/apache/camel/util/URISupport.java Thu May 19 07:28:28 2011 
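Review bot: The warning in DefaultPollingConsumerPollStrategy now depends on `endpoint.toString()` being sanitized, which this commit only ensures for classes that inherit `DefaultEndpoint.toString()`. An endpoint with its own `toString()` could still print the raw URI here, so sanitizing explicitly is more robust: `" could not poll endpoint: " + URISupport.sanitizeUri(endpoint.getEndpointUri()) + " caused by: "`. The same statement still appends `e.getMessage()` and hands `e` to the logger, so a password can reach the log if the underlying exception text was built from the unsanitized URI; that is not visible in this hunk and is worth checking where those exceptions are created. The enclosing method starts and ends outside the hunk.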
@@ -26,6 +26,7 @@ import java.util.Collections; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; +import java.util.regex.Pattern; /** * URI utilities. @@ -34,12 +35,28 @@ import java.util.Map; */ public final class URISupport { + // Match any key-value pair in the URI query string whose key contains + // "passphrase" or "password" or secret key (case-insensitive). + // First capture group is the key, second is the value. + private static final Pattern SECRETS = Pattern.compile("([?&][^=]*(?:passphrase|password|secretKey)[^=]*)=([^&]*)", + Pattern.CASE_INSENSITIVE); private static final String CHARSET = "UTF-8"; private URISupport() { // Helper class } + /** + * Removes detected sensitive information (such as passwords) from the URI and returns the result. + * @param uri The uri to sanitize. + * @see #SECRETS for the matched pattern + * + * @return Returns null if the uri is null, otherwise the URI with the passphrase, password or secretKey sanitized. + */ + public static String sanitizeUri(String uri) { + return uri == null ? null : SECRETS.matcher(uri).replaceAll("$1=******"); + } + public static Map<String, Object> parseQuery(String uri) throws URISyntaxException { // must check for trailing & as the uri.split("&") will ignore those if (uri != null && uri.endsWith("&")) { Modified: camel/trunk/camel-core/src/test/java/org/apache/camel/impl/DefaultEndpointTest.java URL: http://svn.apache.org/viewvc/camel/trunk/camel-core/src/test/java/org/apache/camel/impl/DefaultEndpointTest.java?rev=1124568&r1=1124567&r2=1124568&view=diff ============================================================================== --- camel/trunk/camel-core/src/test/java/org/apache/camel/impl/DefaultEndpointTest.java (original) +++ camel/trunk/camel-core/src/test/java/org/apache/camel/impl/DefaultEndpointTest.java Thu May 19 07:28:28 2011 
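Review bot: `sanitizeUri` only masks secrets that appear as query parameters, because `SECRETS` anchors on `[?&]`. A password carried in the authority part of the URI (`scheme://user:pass@host/...`) does not match and would be returned unchanged to every `toString()` that now relies on this helper. Consider a second pattern for the userinfo section, with a test such as `assertEquals("ftp://someuser:******@host.mysite.com/records", URISupport.sanitizeUri("ftp://someuser:superSecret@host.mysite.com/records"));`. The Javadoc `@see #SECRETS` points at a private field, so it is better to name the matched keys (passphrase, password, secretKey) in the text itself.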
@@ -17,29 +17,35 @@ package org.apache.camel.impl; import org.apache.camel.ContextTestSupport; +import org.apache.camel.util.URISupport; /** - * @version + * @version */ public class DefaultEndpointTest extends ContextTestSupport { public void testSanitizeUri() { - assertNull(DefaultEndpoint.sanitizeUri(null)); - assertEquals("", DefaultEndpoint.sanitizeUri("")); + assertNull(URISupport.sanitizeUri(null)); + assertEquals("", URISupport.sanitizeUri("")); assertSanitizedUriUnchanged("http://camel.apache.org"); assertSanitizedUriUnchanged("irc://irc.codehaus.org/camel"); assertSanitizedUriUnchanged("direct:foo?bar=123&cheese=yes"); assertSanitizedUriUnchanged("https://issues.apache.org/activemq/secure/AddComment!default.jspa?id=33239"); assertEquals("ftp://host.mysite.com/records?passiveMode=true&user=someuser&password=******", - DefaultEndpoint.sanitizeUri("ftp://host.mysite.com/records?passiveMode=true&user=someuser&password=superSecret")); + URISupport.sanitizeUri("ftp://host.mysite.com/records?passiveMode=true&user=someuser&password=superSecret")); assertEquals("sftp://host.mysite.com/records?user=someuser&privateKeyFile=key.file&privateKeyFilePassphrase=******&knownHostsFile=hosts.list", - DefaultEndpoint.sanitizeUri("sftp://host.mysite.com/records?user=someuser&privateKeyFile=key.file&privateKeyFilePassphrase=superSecret&knownHostsFile=hosts.list")); + URISupport.sanitizeUri("sftp://host.mysite.com/records?user=someuser&privateKeyFile=key.file&privateKeyFilePassphrase=superSecret&knownHostsFile=hosts.list")); assertEquals("aws-sqs://MyQueue?accessKey=1672t4rflhnhli3&secretKey=******", - DefaultEndpoint.sanitizeUri("aws-sqs://MyQueue?accessKey=1672t4rflhnhli3&secretKey=qi472qfberu33dqjncq")); + URISupport.sanitizeUri("aws-sqs://MyQueue?accessKey=1672t4rflhnhli3&secretKey=qi472qfberu33dqjncq")); } - public void assertSanitizedUriUnchanged(String uri) { - assertEquals(uri, DefaultEndpoint.sanitizeUri(uri)); + /** + * Ensures that the Uri was not changed because no 
password was found. + * + * @param uri The uri to test. + */ + private void assertSanitizedUriUnchanged(String uri) { + assertEquals(uri, URISupport.sanitizeUri(uri)); } } Modified: camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/s3/S3Consumer.java URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/s3/S3Consumer.java?rev=1124568&r1=1124567&r2=1124568&view=diff ============================================================================== --- camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/s3/S3Consumer.java (original) +++ camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/s3/S3Consumer.java Thu May 19 07:28:28 2011 @@ -32,12 +32,12 @@ import org.apache.camel.Exchange; import org.apache.camel.NoFactoryAvailableException; import org.apache.camel.Processor; import org.apache.camel.ShutdownRunningTask; -import org.apache.camel.impl.DefaultEndpoint; import org.apache.camel.impl.ScheduledPollConsumer; import org.apache.camel.spi.ShutdownAware; import org.apache.camel.spi.Synchronization; import org.apache.camel.util.CastUtils; import org.apache.camel.util.ObjectHelper; +import org.apache.camel.util.URISupport; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -225,6 +225,6 @@ public class S3Consumer extends Schedule @Override public String toString() { - return "S3Consumer[" + DefaultEndpoint.sanitizeUri(getEndpoint().getEndpointUri()) + "]"; + return "S3Consumer[" + URISupport.sanitizeUri(getEndpoint().getEndpointUri()) + "]"; } } \ No newline at end of file Modified: camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/s3/S3Producer.java URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/s3/S3Producer.java?rev=1124568&r1=1124567&r2=1124568&view=diff ============================================================================== --- camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/s3/S3Producer.java (original) +++ camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/s3/S3Producer.java Thu May 19 07:28:28 2011 @@ -25,8 +25,8 @@ import com.amazonaws.services.s3.model.P import org.apache.camel.Endpoint; import org.apache.camel.Exchange; import org.apache.camel.Message; -import org.apache.camel.impl.DefaultEndpoint; import org.apache.camel.impl.DefaultProducer; +import org.apache.camel.util.URISupport; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -88,7 +88,7 @@ public class S3Producer extends DefaultP @Override public String toString() { - return "S3Producer[" + DefaultEndpoint.sanitizeUri(getEndpoint().getEndpointUri()) + "]"; + return "S3Producer[" + URISupport.sanitizeUri(getEndpoint().getEndpointUri()) + "]"; } @Override Modified: camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sns/SnsProducer.java URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sns/SnsProducer.java?rev=1124568&r1=1124567&r2=1124568&view=diff ============================================================================== --- camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sns/SnsProducer.java (original) +++ camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sns/SnsProducer.java Thu May 19 07:28:28 2011 @@ -22,8 +22,8 @@ import com.amazonaws.services.sns.model. import org.apache.camel.Endpoint; import org.apache.camel.Exchange; import org.apache.camel.Message; -import org.apache.camel.impl.DefaultEndpoint; import org.apache.camel.impl.DefaultProducer; +import org.apache.camel.util.UriUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
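Review bot: The import added to SnsProducer in this hunk, `org.apache.camel.util.UriUtils`, and the `UriUtils.sanitizeUri(...)` call in the next SnsProducer hunk do not match the rest of the commit, which moves `sanitizeUri` to `URISupport`. No `UriUtils` class is added or modified in this revision, so unless one already exists with that method this file will not compile. Use `import org.apache.camel.util.URISupport;` and `URISupport.sanitizeUri(getEndpoint().getEndpointUri())`, as S3Producer and SqsProducer do.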
@@ -81,7 +81,7 @@ public class SnsProducer extends Default @Override public String toString() { - return "SnsProducer[" + DefaultEndpoint.sanitizeUri(getEndpoint().getEndpointUri()) + "]"; + return "SnsProducer[" + UriUtils.sanitizeUri(getEndpoint().getEndpointUri()) + "]"; } @Override Modified: camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sqs/SqsConsumer.java URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sqs/SqsConsumer.java?rev=1124568&r1=1124567&r2=1124568&view=diff ============================================================================== --- camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sqs/SqsConsumer.java (original) +++ camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sqs/SqsConsumer.java Thu May 19 07:28:28 2011 @@ -32,12 +32,12 @@ import org.apache.camel.Exchange; import org.apache.camel.NoFactoryAvailableException; import org.apache.camel.Processor; import org.apache.camel.ShutdownRunningTask; -import org.apache.camel.impl.DefaultEndpoint; import org.apache.camel.impl.ScheduledPollConsumer; import org.apache.camel.spi.ShutdownAware; import org.apache.camel.spi.Synchronization; import org.apache.camel.util.CastUtils; import org.apache.camel.util.ObjectHelper; +import org.apache.camel.util.URISupport; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -229,6 +229,6 @@ public class SqsConsumer extends Schedul @Override public String toString() { - return "SqsConsumer[" + DefaultEndpoint.sanitizeUri(getEndpoint().getEndpointUri()) + "]"; + return "SqsConsumer[" + URISupport.sanitizeUri(getEndpoint().getEndpointUri()) + "]"; } } Modified: camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sqs/SqsProducer.java URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sqs/SqsProducer.java?rev=1124568&r1=1124567&r2=1124568&view=diff ============================================================================== --- camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sqs/SqsProducer.java (original) +++ camel/trunk/components/camel-aws/src/main/java/org/apache/camel/component/aws/sqs/SqsProducer.java Thu May 19 07:28:28 2011 @@ -23,8 +23,8 @@ import com.amazonaws.services.sqs.model. import org.apache.camel.Exchange; import org.apache.camel.Message; import org.apache.camel.NoFactoryAvailableException; -import org.apache.camel.impl.DefaultEndpoint; import org.apache.camel.impl.DefaultProducer; +import org.apache.camel.util.URISupport; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -81,6 +81,6 @@ public class SqsProducer extends Default @Override public String toString() { - return "SqsProducer[" + DefaultEndpoint.sanitizeUri(getEndpoint().getEndpointUri()) + "]"; + return "SqsProducer[" + URISupport.sanitizeUri(getEndpoint().getEndpointUri()) + "]"; } } Modified: camel/trunk/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/FtpConsumer.java URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/FtpConsumer.java?rev=1124568&r1=1124567&r2=1124568&view=diff ============================================================================== --- camel/trunk/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/FtpConsumer.java (original) +++ camel/trunk/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/FtpConsumer.java Thu May 19 07:28:28 2011 @@ -22,6 +22,7 @@ import org.apache.camel.Processor; import org.apache.camel.component.file.GenericFile; import org.apache.camel.util.FileUtil; import org.apache.camel.util.ObjectHelper; +import org.apache.camel.util.URISupport; import org.apache.commons.net.ftp.FTPFile; /** 
@@ -172,4 +173,8 @@ public class FtpConsumer extends RemoteF return config.isStepwise(); } + @Override + public String toString() { + return "FtpConsumer[" + URISupport.sanitizeUri(getEndpoint().getEndpointUri()) + "]"; + } } Modified: camel/trunk/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/RemoteFileProducer.java URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/RemoteFileProducer.java?rev=1124568&r1=1124567&r2=1124568&view=diff ============================================================================== --- camel/trunk/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/RemoteFileProducer.java (original) +++ camel/trunk/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/RemoteFileProducer.java Thu May 19 07:28:28 2011 @@ -22,6 +22,7 @@ import org.apache.camel.component.file.G import org.apache.camel.component.file.GenericFileProducer; import org.apache.camel.util.ExchangeHelper; import org.apache.camel.util.ObjectHelper; +import org.apache.camel.util.URISupport; /** * Generic remote file producer for all the FTP variations. 
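Review bot: The new `toString()` covers only `FtpConsumer`, and this commit does not touch the SFTP consumer. If that class shares the same parent without a sanitized `toString()`, a `password` or `privateKeyFilePassphrase` could still appear when it is logged. Moving the override into the common consumer base class (the truncated `RemoteF…` parent, presumably) would cover all FTP variations, the way the `RemoteFileProducer` change does for producers. Subclasses stay distinguishable with `return getClass().getSimpleName() + "[" + URISupport.sanitizeUri(getEndpoint().getEndpointUri()) + "]";`.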
@@ -207,4 +208,8 @@ public class RemoteFileProducer<T> exten return false; } + @Override + public String toString() { + return "RemoteFileProducer[" + URISupport.sanitizeUri(getEndpoint().getEndpointUri()) + "]"; + } } Added: camel/trunk/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/FtpEndpointURISanitizedTest.java URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/FtpEndpointURISanitizedTest.java?rev=1124568&view=auto ============================================================================== --- camel/trunk/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/FtpEndpointURISanitizedTest.java (added) +++ camel/trunk/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/FtpEndpointURISanitizedTest.java Thu May 19 07:28:28 2011 
@@ -0,0 +1,49 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.camel.component.file.remote; + +import org.apache.camel.Consumer; +import org.apache.camel.Endpoint; +import org.apache.camel.Producer; +import org.junit.Test; + +/** + * Test to ensure the FtpEndpoint URI is sanitized. 
+ */ +public class FtpEndpointURISanitizedTest extends FtpServerTestSupport { + + private String password = "secret"; + + protected String getFtpUrl() { + return "ftp://admin@localhost:" + getPort() + "///foo?password=" + password + "&delay=5000"; + } + + @Test + public void testFtpConsumerUriSanitized() throws Exception { + Endpoint endpoint = context.getEndpoint(getFtpUrl()); + Consumer consumer = endpoint.createConsumer(null); + assertFalse(consumer.toString().contains(password)); + } + + @Test + public void testFtpProducerUriSanitized() throws Exception { + Endpoint endpoint = context.getEndpoint(getFtpUrl()); + Producer producer = endpoint.createProducer(); + assertFalse(producer.toString().contains(password)); + } +} Propchange: camel/trunk/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/FtpEndpointURISanitizedTest.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: camel/trunk/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/FtpEndpointURISanitizedTest.java ------------------------------------------------------------------------------ svn:keywords = Rev Date
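Review bot: Both tests assert only on `toString()` of the consumer and producer, while the commit's stated goal is keeping the password out of exception messages. Nothing here exercises a failing poll or connect and inspects the resulting message or log line. At minimum add `assertFalse(endpoint.toString().contains(password));`, and ideally add a case that forces a poll failure and checks the reported text. The `password` field never changes and can be `private static final`.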