Permalink
Browse files

HHH-8122 - Scrub known-sensitive settings from EMF.getProperties()

  • Loading branch information...
1 parent f77b068 commit bc85168015927f8fc086c812e0e29ab0f328f8c8 @sebersole sebersole committed Mar 29, 2013
@@ -150,6 +150,7 @@ public EntityManagerFactoryImpl(
addAll( props, sessionFactory.getProperties() );
addAll( props, cfg.getProperties() );
addAll( props, configurationValues );
+ maskOutSensitiveInformation( props );
this.properties = Collections.unmodifiableMap( props );
String entityManagerFactoryName = (String)this.properties.get( AvailableSettings.ENTITY_MANAGER_FACTORY_NAME);
if (entityManagerFactoryName == null) {
@@ -207,6 +208,17 @@ private static void addAll(HashMap<String, Object> destination, Map<?,?> source)
}
}
+ private void maskOutSensitiveInformation(HashMap<String, Object> props) {
+ maskOutIfSet( props, AvailableSettings.JDBC_PASSWORD );
+ maskOutIfSet( props, org.hibernate.cfg.AvailableSettings.PASS );
+ }
+
+ private void maskOutIfSet(HashMap<String, Object> props, String setting) {
+ if ( props.containsKey( setting ) ) {
+ props.put( setting, "****" );
+ }
+ }
+
public EntityManager createEntityManager() {
return createEntityManager( Collections.EMPTY_MAP );
}
@@ -34,6 +34,7 @@
import org.junit.Test;
+import org.hibernate.cfg.AvailableSettings;
import org.hibernate.ejb.HibernateEntityManager;
import org.hibernate.jpa.test.BaseEntityManagerFunctionalTestCase;
import org.hibernate.jpa.test.Cat;
@@ -42,6 +43,7 @@
import org.hibernate.jpa.test.Kitten;
import org.hibernate.jpa.test.Wallet;
+import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
/**
@@ -127,6 +129,14 @@ public void testEntityManagerFactorySerialization() throws Exception {
entityManagerFactory2 == entityManagerFactory);
}
+ @Test
+ public void testEntityManagerFactoryProperties() {
+ EntityManagerFactory entityManagerFactory = entityManagerFactory();
+ assertTrue( entityManagerFactory.getProperties().containsKey( AvailableSettings.USER ) );
+ if ( entityManagerFactory.getProperties().containsKey( AvailableSettings.PASS ) ) {
+ assertEquals( "****", entityManagerFactory.getProperties().get( AvailableSettings.PASS ) );
+ }
+ }
@Override
public Class[] getAnnotatedClasses() {

0 comments on commit bc85168

Please sign in to comment.