Hi Sebb, sebb wrote:
> On 21 February 2013 09:25, <joe...@apache.org> wrote: >> Author: joehni >> Date: Thu Feb 21 09:25:37 2013 >> New Revision: 1448560 >> >> URL: http://svn.apache.org/r1448560 >> Log: >> Sent FTP/FTPS commands and the received answer is logged at debug level >> (VFS-459). [snip] >> @@ -97,6 +104,23 @@ public final class FtpClientFactory >> { >> final C client = createClient(fileSystemOptions); >> >> + if (log.isDebugEnabled()) { >> + final Writer writer = new >> StringWriter(1024){ >> + @Override >> + public void flush() >> + { >> + final >> StringBuffer buffer = getBuffer(); >> + String message = >> buffer.toString(); >> + if >> (message.toUpperCase().startsWith("PASS ") && message.length() > 5) { >> + message = >> "PASS ***"; >> + } >> + >> log.debug(message); >> + >> buffer.setLength(0); >> + } >> + }; >> + client.addProtocolCommandListener(new >> PrintCommandListener(new PrintWriter(writer))); > > Why not use the built-in login suppression facility? > > client.addProtocolCommandListener(new PrintCommandListener(new > PrintWriter(writer), true)); Because the built-in login suppression hides password AND user. > Also, AFAICT the obfuscation only applies to messages which happen to > have the PASS command at the start of a buffer when flush is called. Yes, but that's the case. The PrintWriter flushes for each line and the implementation above clears the buffer after each line. Cheers, Jörg --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
