Hibernate
/
hibernate-orm
mirror of https://github.com/hibernate/hibernate-orm
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

HHH-8122 - Scrub known-sensitive settings from EMF.getProperties()

This commit is contained in:
Steve Ebersole 2013-03-29 12:43:17 -05:00
parent f77b068e91
commit bc85168015
2 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
hibernate-entitymanager/src/main/java/org/hibernate/jpa/internal/EntityManagerFactoryImpl.java
View File

@ -150,6 +150,7 @@ public class EntityManagerFactoryImpl implements HibernateEntityManagerFactory {
addAll( props, sessionFactory.getProperties() );
addAll( props, cfg.getProperties() );
addAll( props, configurationValues );
maskOutSensitiveInformation( props );
this.properties = Collections.unmodifiableMap( props );
String entityManagerFactoryName = (String)this.properties.get( AvailableSettings.ENTITY_MANAGER_FACTORY_NAME);
if (entityManagerFactoryName == null) {
@ -207,6 +208,17 @@ public class EntityManagerFactoryImpl implements HibernateEntityManagerFactory {
}
}
private void maskOutSensitiveInformation(HashMap<String, Object> props) {
maskOutIfSet( props, AvailableSettings.JDBC_PASSWORD );
maskOutIfSet( props, org.hibernate.cfg.AvailableSettings.PASS );
}
private void maskOutIfSet(HashMap<String, Object> props, String setting) {
if ( props.containsKey( setting ) ) {
props.put( setting, "****" );
}
}
public EntityManager createEntityManager() {
return createEntityManager( Collections.EMPTY_MAP );
}

10
hibernate-entitymanager/src/test/java/org/hibernate/jpa/test/ejb3configuration/EntityManagerFactorySerializationTest.java
View File

@ -34,6 +34,7 @@ import javax.persistence.EntityManagerFactory;
import org.junit.Test;
import org.hibernate.cfg.AvailableSettings;
import org.hibernate.ejb.HibernateEntityManager;
import org.hibernate.jpa.test.BaseEntityManagerFunctionalTestCase;
import org.hibernate.jpa.test.Cat;
@ -42,6 +43,7 @@ import org.hibernate.jpa.test.Item;
import org.hibernate.jpa.test.Kitten;
import org.hibernate.jpa.test.Wallet;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
/**
@ -127,6 +129,14 @@ public class EntityManagerFactorySerializationTest extends BaseEntityManagerFunc
entityManagerFactory2 == entityManagerFactory);
}
@Test
public void testEntityManagerFactoryProperties() {
EntityManagerFactory entityManagerFactory = entityManagerFactory();
assertTrue( entityManagerFactory.getProperties().containsKey( AvailableSettings.USER ) );
if ( entityManagerFactory.getProperties().containsKey( AvailableSettings.PASS ) ) {
assertEquals( "****", entityManagerFactory.getProperties().get( AvailableSettings.PASS ) );
}
}
@Override
public Class[] getAnnotatedClasses() {