summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java41
1 files changed, 20 insertions, 21 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java
index 01d06631d..9bb81902f 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.servlet.csadmin;
-
import java.io.IOException;
import java.util.Enumeration;
@@ -30,7 +29,6 @@ import org.apache.velocity.servlet.VelocityServlet;
import com.netscape.certsrv.apps.CMS;
-
public class BaseServlet extends VelocityServlet {
/**
@@ -53,7 +51,8 @@ public class BaseServlet extends VelocityServlet {
if (pin == null) {
try {
response.sendRedirect("login");
- } catch (IOException e) {}
+ } catch (IOException e) {
+ }
return false;
}
return true;
@@ -70,25 +69,25 @@ public class BaseServlet extends VelocityServlet {
// __ (double underscores); however, in the event that
// a security parameter slips through, we perform multiple
// additional checks to insure that it is NOT displayed
- if( pn.startsWith("__") ||
- pn.endsWith("password") ||
- pn.endsWith("passwd") ||
- pn.endsWith("pwd") ||
- pn.equalsIgnoreCase("admin_password_again") ||
- pn.equalsIgnoreCase("directoryManagerPwd") ||
- pn.equalsIgnoreCase("bindpassword") ||
- pn.equalsIgnoreCase("bindpwd") ||
- pn.equalsIgnoreCase("passwd") ||
- pn.equalsIgnoreCase("password") ||
- pn.equalsIgnoreCase("pin") ||
- pn.equalsIgnoreCase("pwd") ||
- pn.equalsIgnoreCase("pwdagain") ||
- pn.equalsIgnoreCase("uPasswd") ) {
- CMS.debug("BaseServlet::service() param name='" + pn +
- "' value='(sensitive)'" );
+ if (pn.startsWith("__") ||
+ pn.endsWith("password") ||
+ pn.endsWith("passwd") ||
+ pn.endsWith("pwd") ||
+ pn.equalsIgnoreCase("admin_password_again") ||
+ pn.equalsIgnoreCase("directoryManagerPwd") ||
+ pn.equalsIgnoreCase("bindpassword") ||
+ pn.equalsIgnoreCase("bindpwd") ||
+ pn.equalsIgnoreCase("passwd") ||
+ pn.equalsIgnoreCase("password") ||
+ pn.equalsIgnoreCase("pin") ||
+ pn.equalsIgnoreCase("pwd") ||
+ pn.equalsIgnoreCase("pwdagain") ||
+ pn.equalsIgnoreCase("uPasswd")) {
+ CMS.debug("BaseServlet::service() param name='" + pn +
+ "' value='(sensitive)'");
} else {
- CMS.debug("BaseServlet::service() param name='" + pn +
- "' value='" + httpReq.getParameter(pn) + "'" );
+ CMS.debug("BaseServlet::service() param name='" + pn +
+ "' value='" + httpReq.getParameter(pn) + "'");
}
}
}
generated by cgit (git 2.34.1) at 2024-07-01 11:23:51 +0000