svn commit: r1459681 - /tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/PoolProperties.java

Fri, 22 Mar 2013 02:16:34 -0700 

Author: kkolinko
Date: Fri Mar 22 09:16:06 2013
New Revision: 1459681

URL: http://svn.apache.org/r1459681
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54599
jdbc-pool: Do not expose connection password via DataSource.toString().
Based on a patch by Daniel Mikusa

Modified:
    
tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/PoolProperties.java

Modified: 
tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/PoolProperties.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/PoolProperties.java?rev=1459681&r1=1459680&r2=1459681&view=diff
==============================================================================
--- 
tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/PoolProperties.java
 (original)
+++ 
tomcat/trunk/modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/PoolProperties.java
 Fri Mar 22 09:16:06 2013
@@ -802,28 +802,33 @@ public class PoolProperties implements P
         StringBuilder buf = new StringBuilder("ConnectionPool[");
         try {
             String[] fields = DataSourceFactory.ALL_PROPERTIES;
-            for (int i=0; i<fields.length; i++) {
+            for (String field: fields) {
                 final String[] prefix = new String[] {"get","is"};
                 for (int j=0; j<prefix.length; j++) {
 
-                    String name = prefix[j] + fields[i].substring(0, 
1).toUpperCase(Locale.ENGLISH) +
-                                  fields[i].substring(1);
+                    String name = prefix[j]
+                            + field.substring(0, 1).toUpperCase(Locale.ENGLISH)
+                            + field.substring(1);
                     Method m = null;
                     try {
                         m = getClass().getMethod(name);
                     }catch (NoSuchMethodException nm) {
                         continue;
                     }
-                    buf.append(fields[i]);
+                    buf.append(field);
                     buf.append("=");
-                    buf.append(m.invoke(this, new Object[0]));
+                    if (DataSourceFactory.PROP_PASSWORD.equals(field)) {
+                        buf.append("********");
+                    } else {
+                        buf.append(m.invoke(this, new Object[0]));
+                    }
                     buf.append("; ");
                     break;
                 }
             }
         }catch (Exception x) {
-            //shouldn;t happen
-            x.printStackTrace();
+            //shouldn't happen
+            log.debug("toString() call failed", x);
         }
         return buf.toString();
     }



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to