Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java
index 69dc7910e..8b85cd5be 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java
@@ -53,15 +53,35 @@ public class BaseServlet extends VelocityServlet {
 }
 public void outputHttpParameters(HttpServletRequest httpReq) {
- CMS.debug("CMSServlet:serice() uri = " + httpReq.getRequestURI());
+ CMS.debug("BaseServlet:service() uri = " + httpReq.getRequestURI());
 Enumeration paramNames = httpReq.getParameterNames();
 while (paramNames.hasMoreElements()) {
 String pn = (String) paramNames.nextElement();
-
- CMS.debug(
- "CMSServlet::service() param name='" + pn + "' value='"
- + httpReq.getParameter(pn) + "'");
+ // added this facility so that password can be hidden,
+ // all sensitive parameters should be prefixed with
+ // __ (double underscores); however, in the event that
+ // a security parameter slips through, we perform multiple
+ // additional checks to insure that it is NOT displayed
+ if( pn.startsWith("__") ||
+ pn.endsWith("password") ||
+ pn.endsWith("passwd") ||
+ pn.endsWith("pwd") ||
+ pn.equalsIgnoreCase("admin_password_again") ||
+ pn.equalsIgnoreCase("bindpassword") ||
+ pn.equalsIgnoreCase("bindpwd") ||
+ pn.equalsIgnoreCase("passwd") ||
+ pn.equalsIgnoreCase("password") ||
+ pn.equalsIgnoreCase("pin") ||
+ pn.equalsIgnoreCase("pwd") ||
+ pn.equalsIgnoreCase("pwdagain") ||
+ pn.equalsIgnoreCase("uPasswd") ) {
+ CMS.debug("BaseServlet::service() param name='" + pn + + "' value='(sensitive)'" );
+ } else {
+ CMS.debug("BaseServlet::service() param name='" + pn + + "' value='" + httpReq.getParameter(pn) + "'" );
+ }
 }
 } |
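Review bot: The three `pn.endsWith(...)` suffix checks in the new `if` are case-sensitive, so a camel-cased name such as `adminPassword` or `bindPWD` still falls into the `else` branch and its value is written to the debug log. The explicit `equalsIgnoreCase("uPasswd")` entry suggests mixed-case parameter names do occur here. Normalising the name once, `String lpn = pn.toLowerCase(java.util.Locale.ROOT);`, and testing `lpn.endsWith("password") || lpn.endsWith("passwd") || lpn.endsWith("pwd")` would close that gap and make most of the exact-match entries redundant. A denylist also cannot cover secrets whose names do not look like passwords (tokens, session identifiers), so the comment should state that the `__` prefix is the required convention and the name checks are only a fallback. The values that are still logged, and the request URI, go into the debug log unescaped; replacing CR/LF before logging would stop a request from forging log lines.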