org.teiid.core.util

Class PasswordMaskUtil

java.lang.Object

org.teiid.core.util.PasswordMaskUtil

public final class PasswordMaskUtil
extends Object

This is a simple utility class to help keep password values from being printed out, primarily from java.util.Properties object, into MetaMatrix log files. This is not a robust security solution for protecting passwords, and is only good insofar as we get all other code to use this when necessary. When passwords are properly encrypted in the database, this class will be no longer necessary.

This class can be used in one of two ways. First, a Properties object can be wrapped in an instance of this class - the properties object, wrapped in this instance, can then be safely sent to LogManager to be logged, or can otherwise be printed out. This instance will basically duplicate the toString() method of a normal Properties object, but will obfuscate any property values whose names end in any of the well-known password property suffixes.

The second way is to just use this class's static doesNameEndWithPasswordSuffix utility method by hand, passing in a String property name to see if it ends with any of the well-known password property suffixes.

Field Summary

Fields

Modifier and Type	Field and Description
static String	MASK_STRING The "mask" String that is printed out of the toString() method, instead of the actual password value.
static String[]	PASSWORD_PROP_SUFFIXES The known String suffixes that MetaMatrix property names end in.

Constructor Summary

Constructors

Constructor and Description
PasswordMaskUtil(Properties propertiesWithPassword) A Properties object can be wrapped by this class before, say, being sent to LogManager.

Method Summary

Modifier and Type	Method and Description
static boolean	doesNameEndWithPasswordSuffix(String propName) Indicates if the String propName ends in any of the well-known password property suffixes.
String	toString() This toString() method is basically the same as the java.util.Properties class's toString() method, except that if any of the properties in this class end with any of the well-known password suffixes, then the value will be printed out as MASK_STRING

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

PASSWORD_PROP_SUFFIXES

public static final String[] PASSWORD_PROP_SUFFIXES

The known String suffixes that MetaMatrix property names end in. Each of these is checked.

MASK_STRING

public static final String MASK_STRING

The "mask" String that is printed out of the toString() method, instead of the actual password value.

See Also:

Constant Field Values

Constructor Detail

PasswordMaskUtil

public PasswordMaskUtil(Properties propertiesWithPassword)

A Properties object can be wrapped by this class before, say, being sent to LogManager. If this toString() method is called, password properties will be printed out as a masked string.

Parameters:

propertiesWithPassword - Properties object that has password property values inside it

Method Detail

toString

public String toString()

This toString() method is basically the same as the java.util.Properties class's toString() method, except that if any of the properties in this class end with any of the well-known password suffixes, then the value will be printed out as MASK_STRING

Overrides:

toString in class Object

doesNameEndWithPasswordSuffix

public static boolean doesNameEndWithPasswordSuffix(String propName)

Indicates if the String propName ends in any of the well-known password property suffixes.