From f584efd574f4949ea4574b1a7eb12bbde6aaaf53 Mon Sep 17 00:00:00 2001 From: Justin Bertram Date: Mon, 29 Apr 2019 12:42:27 -0500 Subject: [PATCH] ARTEMIS-2326 remove pwd params before creating protocol mgr --- .../amqp/broker/ProtonProtocolManagerFactory.java | 1 + .../hornetq/HornetQProtocolManagerFactory.java | 1 + .../protocol/mqtt/MQTTProtocolManagerFactory.java | 1 + .../openwire/OpenWireProtocolManagerFactory.java | 1 + .../protocol/stomp/StompProtocolManagerFactory.java | 1 + .../core/impl/CoreProtocolManagerFactory.java | 1 + .../core/protocol/AbstractProtocolManagerFactory.java | 11 +++++++++++ 7 files changed, 17 insertions(+) diff --git a/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/ProtonProtocolManagerFactory.java b/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/ProtonProtocolManagerFactory.java index 84e7af4c84..cd21e460fb 100644 --- a/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/ProtonProtocolManagerFactory.java +++ b/artemis-protocols/artemis-amqp-protocol/src/main/java/org/apache/activemq/artemis/protocol/amqp/broker/ProtonProtocolManagerFactory.java @@ -50,6 +50,7 @@ public class ProtonProtocolManagerFactory extends AbstractProtocolManagerFactory final Map parameters, List incomingInterceptors, List outgoingInterceptors) throws Exception { + stripPasswordParameters(parameters); return BeanSupport.setData(new ProtonProtocolManager(this, server, incomingInterceptors, outgoingInterceptors), parameters); } diff --git a/artemis-protocols/artemis-hornetq-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/hornetq/HornetQProtocolManagerFactory.java b/artemis-protocols/artemis-hornetq-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/hornetq/HornetQProtocolManagerFactory.java index fb9523df1e..de378c5901 100644 --- a/artemis-protocols/artemis-hornetq-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/hornetq/HornetQProtocolManagerFactory.java +++ b/artemis-protocols/artemis-hornetq-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/hornetq/HornetQProtocolManagerFactory.java @@ -49,6 +49,7 @@ public class HornetQProtocolManagerFactory extends CoreProtocolManagerFactory { hqIncoming.add(new HQPropertiesConversionInterceptor(true)); hqOutgoing.add(new HQPropertiesConversionInterceptor(false)); + stripPasswordParameters(parameters); return BeanSupport.setData(new HornetQProtocolManager(this, server, hqIncoming, hqOutgoing), parameters); } diff --git a/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTProtocolManagerFactory.java b/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTProtocolManagerFactory.java index 74a29e66fb..499d3e4704 100644 --- a/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTProtocolManagerFactory.java +++ b/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTProtocolManagerFactory.java @@ -46,6 +46,7 @@ public class MQTTProtocolManagerFactory extends AbstractProtocolManagerFactory parameters, List incomingInterceptors, List outgoingInterceptors) throws Exception { + stripPasswordParameters(parameters); return BeanSupport.setData(new MQTTProtocolManager(server, connectedClients, sessionStates, incomingInterceptors, outgoingInterceptors), parameters); } diff --git a/artemis-protocols/artemis-openwire-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/openwire/OpenWireProtocolManagerFactory.java b/artemis-protocols/artemis-openwire-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/openwire/OpenWireProtocolManagerFactory.java index 772ce8b81e..ceb6a054d6 100644 --- a/artemis-protocols/artemis-openwire-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/openwire/OpenWireProtocolManagerFactory.java +++ b/artemis-protocols/artemis-openwire-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/openwire/OpenWireProtocolManagerFactory.java @@ -43,6 +43,7 @@ public class OpenWireProtocolManagerFactory extends AbstractProtocolManagerFacto Map parameters, final List incomingInterceptors, List outgoingInterceptors) throws Exception { + stripPasswordParameters(parameters); return BeanSupport.setData(new OpenWireProtocolManager(this, server), parameters); } diff --git a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompProtocolManagerFactory.java b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompProtocolManagerFactory.java index f7d5d4ab0e..f6c61c60b4 100644 --- a/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompProtocolManagerFactory.java +++ b/artemis-protocols/artemis-stomp-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/stomp/StompProtocolManagerFactory.java @@ -41,6 +41,7 @@ public class StompProtocolManagerFactory extends AbstractProtocolManagerFactory< final Map parameters, final List incomingInterceptors, List outgoingInterceptors) throws Exception { + stripPasswordParameters(parameters); return BeanSupport.setData(new StompProtocolManager(this, server, filterInterceptors(incomingInterceptors), filterInterceptors(outgoingInterceptors)), parameters); } diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/core/protocol/core/impl/CoreProtocolManagerFactory.java b/artemis-server/src/main/java/org/apache/activemq/artemis/core/protocol/core/impl/CoreProtocolManagerFactory.java index c442231d39..75909246e0 100644 --- a/artemis-server/src/main/java/org/apache/activemq/artemis/core/protocol/core/impl/CoreProtocolManagerFactory.java +++ b/artemis-server/src/main/java/org/apache/activemq/artemis/core/protocol/core/impl/CoreProtocolManagerFactory.java @@ -54,6 +54,7 @@ public class CoreProtocolManagerFactory extends AbstractProtocolManagerFactory parameters, final List incomingInterceptors, List outgoingInterceptors) throws Exception { + stripPasswordParameters(parameters); return BeanSupport.setData(new CoreProtocolManager(this, server, filterInterceptors(incomingInterceptors), filterInterceptors(outgoingInterceptors)), parameters); } diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/protocol/AbstractProtocolManagerFactory.java b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/protocol/AbstractProtocolManagerFactory.java index 10fb249eef..a8284c1a50 100644 --- a/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/protocol/AbstractProtocolManagerFactory.java +++ b/artemis-server/src/main/java/org/apache/activemq/artemis/spi/core/protocol/AbstractProtocolManagerFactory.java @@ -19,6 +19,7 @@ package org.apache.activemq.artemis.spi.core.protocol; import java.util.Collections; import java.util.List; +import java.util.Map; import java.util.concurrent.CopyOnWriteArrayList; import org.apache.activemq.artemis.api.core.BaseInterceptor; @@ -47,4 +48,14 @@ public abstract class AbstractProtocolManagerFactory

return listOut; } } + + /** + * org.apache.commons.beanutils.BeanUtils will log all the parameters so we strip out any password parameters + * (e.g. passwords for SSL keystore & truststore) + * + * @param parameters + */ + protected void stripPasswordParameters(Map parameters) { + parameters.entrySet().removeIf(entries->entries.getKey().toLowerCase().contains("password")); + } }