HHH-8122 - Scrub known-sensitive settings from EMF.getProperties()

(cherry picked from commit bc85168015)

Conflicts:

	hibernate-entitymanager/src/main/java/org/hibernate/ejb/EntityManagerFactoryImpl.java
This commit is contained in:
Steve Ebersole 2013-03-29 12:43:17 -05:00
parent 2758b8b494
commit f22a8f627b
2 changed files with 27 additions and 3 deletions

View File

@ -1,8 +1,10 @@
/*
* Copyright (c) 2009, Red Hat Middleware LLC or third-party contributors as
* Hibernate, Relational Persistence for Idiomatic Java
*
* Copyright (c) 2013, Red Hat Inc. or third-party contributors as
* indicated by the @author tags or express copyright attribution
* statements applied by the authors. All third-party contributions are
* distributed under license by Red Hat Middleware LLC.
* distributed under license by Red Hat Inc.
*
* This copyrighted material is made available to anyone wishing to use, modify,
* copy, or redistribute it subject to the terms and conditions of the GNU
@ -113,6 +115,7 @@ public class EntityManagerFactoryImpl implements HibernateEntityManagerFactory {
HashMap<String,Object> props = new HashMap<String, Object>();
addAll( props, ( (SessionFactoryImplementor) sessionFactory ).getProperties() );
addAll( props, cfg.getProperties() );
maskOutSensitiveInformation( props );
this.properties = Collections.unmodifiableMap( props );
String entityManagerFactoryName = (String)this.properties.get(AvailableSettings.ENTITY_MANAGER_FACTORY_NAME);
if (entityManagerFactoryName == null) {
@ -170,6 +173,17 @@ public class EntityManagerFactoryImpl implements HibernateEntityManagerFactory {
}
}
private void maskOutSensitiveInformation(HashMap<String, Object> props) {
maskOutIfSet( props, AvailableSettings.JDBC_PASSWORD );
maskOutIfSet( props, org.hibernate.cfg.AvailableSettings.PASS );
}
private void maskOutIfSet(HashMap<String, Object> props, String setting) {
if ( props.containsKey( setting ) ) {
props.put( setting, "****" );
}
}
public EntityManager createEntityManager() {
return createEntityManager( null );
}

View File

@ -34,6 +34,7 @@ import javax.persistence.EntityManagerFactory;
import org.junit.Test;
import org.hibernate.cfg.AvailableSettings;
import org.hibernate.ejb.HibernateEntityManager;
import org.hibernate.ejb.test.BaseEntityManagerFunctionalTestCase;
import org.hibernate.ejb.test.Cat;
@ -42,6 +43,7 @@ import org.hibernate.ejb.test.Item;
import org.hibernate.ejb.test.Kitten;
import org.hibernate.ejb.test.Wallet;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
/**
@ -127,6 +129,14 @@ public class EntityManagerFactorySerializationTest extends BaseEntityManagerFunc
entityManagerFactory2 == entityManagerFactory);
}
@Test
public void testEntityManagerFactoryProperties() {
EntityManagerFactory entityManagerFactory = entityManagerFactory();
assertTrue( entityManagerFactory.getProperties().containsKey( AvailableSettings.USER ) );
if ( entityManagerFactory.getProperties().containsKey( AvailableSettings.PASS ) ) {
assertEquals( "****", entityManagerFactory.getProperties().get( AvailableSettings.PASS ) );
}
}
@Override
public Class[] getAnnotatedClasses() {