1 files changed, 39 insertions, 34 deletions

diff --git a/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java b/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java
index 85ef4fa0..2ac7f612 100644
--- a/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java
@@ -480,40 +480,7 @@ public class ProfileSubmitServlet extends ProfileServlet {
         ArgSet args = new ArgSet();
 
         if (CMS.debugOn()) {
-            CMS.debug("Start of ProfileSubmitServlet Input Parameters");
-            @SuppressWarnings("unchecked")
-            Enumeration<String> paramNames = request.getParameterNames();
-
-            while (paramNames.hasMoreElements()) {
-                String paramName = paramNames.nextElement();
-                // added this facility so that password can be hidden,
-                // all sensitive parameters should be prefixed with
-                // __ (double underscores); however, in the event that
-                // a security parameter slips through, we perform multiple
-                // additional checks to insure that it is NOT displayed
-                if (paramName.startsWith("__") ||
-                        paramName.endsWith("password") ||
-                        paramName.endsWith("passwd") ||
-                        paramName.endsWith("pwd") ||
-                        paramName.equalsIgnoreCase("admin_password_again") ||
-                        paramName.equalsIgnoreCase("directoryManagerPwd") ||
-                        paramName.equalsIgnoreCase("bindpassword") ||
-                        paramName.equalsIgnoreCase("bindpwd") ||
-                        paramName.equalsIgnoreCase("passwd") ||
-                        paramName.equalsIgnoreCase("password") ||
-                        paramName.equalsIgnoreCase("pin") ||
-                        paramName.equalsIgnoreCase("pwd") ||
-                        paramName.equalsIgnoreCase("pwdagain") ||
-                        paramName.equalsIgnoreCase("uPasswd")) {
-                    CMS.debug("ProfileSubmitServlet Input Parameter " +
-                              paramName + "='(sensitive)'");
-                } else {
-                    CMS.debug("ProfileSubmitServlet Input Parameter " +
-                              paramName + "='" +
-                              request.getParameter(paramName) + "'");
-                }
-            }
-            CMS.debug("End of ProfileSubmitServlet Input Parameters");
+            printParameterValues(request);
         }
 
         CMS.debug("ProfileSubmitServlet: start serving");
@@ -1446,6 +1413,7 @@ public class ProfileSubmitServlet extends ProfileServlet {
         } catch (EBaseException eAudit1) {
             // store a message in the signed audit log file
             // (automated cert request processed - "rejected")
+
             auditMessage = CMS.getLogMessage(
                         LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED,
                         auditSubjectID,
@@ -1468,6 +1436,43 @@ public class ProfileSubmitServlet extends ProfileServlet {
         }
     }
 
+    private void printParameterValues(HttpServletRequest request) {
+        CMS.debug("Start of ProfileSubmitServlet Input Parameters");
+        @SuppressWarnings("unchecked")
+        Enumeration<String> paramNames = request.getParameterNames();
+
+        while (paramNames.hasMoreElements()) {
+            String paramName = paramNames.nextElement();
+            // added this facility so that password can be hidden,
+            // all sensitive parameters should be prefixed with
+            // __ (double underscores); however, in the event that
+            // a security parameter slips through, we perform multiple
+            // additional checks to insure that it is NOT displayed
+            if (paramName.startsWith("__") ||
+                    paramName.endsWith("password") ||
+                    paramName.endsWith("passwd") ||
+                    paramName.endsWith("pwd") ||
+                    paramName.equalsIgnoreCase("admin_password_again") ||
+                    paramName.equalsIgnoreCase("directoryManagerPwd") ||
+                    paramName.equalsIgnoreCase("bindpassword") ||
+                    paramName.equalsIgnoreCase("bindpwd") ||
+                    paramName.equalsIgnoreCase("passwd") ||
+                    paramName.equalsIgnoreCase("password") ||
+                    paramName.equalsIgnoreCase("pin") ||
+                    paramName.equalsIgnoreCase("pwd") ||
+                    paramName.equalsIgnoreCase("pwdagain") ||
+                    paramName.equalsIgnoreCase("uPasswd")) {
+                CMS.debug("ProfileSubmitServlet Input Parameter " +
+                          paramName + "='(sensitive)'");
+            } else {
+                CMS.debug("ProfileSubmitServlet Input Parameter " +
+                          paramName + "='" +
+                          request.getParameter(paramName) + "'");
+            }
+        }
+        CMS.debug("End of ProfileSubmitServlet Input Parameters");
+    }
+
     private void xmlOutput(HttpServletResponse httpResp, IProfile profile, Locale locale, IRequest[] reqs) {
         try {
             XMLObject xmlObj = null;