com.wm.util.security

Class DataSanitizer

java.lang.Object

com.wm.util.security.DataSanitizer

public class DataSanitizer
extends java.lang.Object

A utility class for replacing sensitive data with a mask value. This can be useful for removing clear text passwords from data to be written to a log file.

IMPORTANT: These sanitize methods will modify the object values for matching keys. It is up to the caller to copy/clone the object. There are static helper methods for performing a deep clone of Maps and IData objects.

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	DEFAULT_MASK The default mask: *******

Constructor Summary

Constructors

Constructor and Description
DataSanitizer(java.lang.String... keys) The list of keys to sanitize.

Method Summary

Modifier and Type	Method and Description
static IData	cloneIData(IData data) Clones an IData.
static java.util.Map<java.lang.String,java.lang.Object>	cloneMap(java.util.Map<java.lang.String,java.lang.Object> map) Clones a Map.
java.lang.String	getMask() Returns the mask used to replace sensitive values.
boolean	sanitize(IData source) Sanitizes an IData for the specified keys.
boolean	sanitize(java.util.Map<java.lang.String,java.lang.Object> source) Sanitizes a Map for the specified keys.
java.lang.String	sanitize(java.lang.String source) Sanitizes fields identified as sensitiveKeys in a String that does not contain a delimiter.
java.lang.String	sanitize(java.lang.String source, java.lang.String delimiter) Sanitizes fields identified as sensitiveKeys in a String with delimited fields.
boolean	sanitizePojo(java.lang.Object source) Sanitizes a POJO for the specified keys.
void	setMask(java.lang.String mask) Sets the mask that replaces sensitive values.
void	setSkipClasses(java.lang.Class<?>... classes) Classes of the fields to exclude from inspection.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_MASK

public static final java.lang.String DEFAULT_MASK

The default mask: *******

See Also:

Constant Field Values

Constructor Detail

DataSanitizer

public DataSanitizer(java.lang.String... keys)

The list of keys to sanitize. The check to match a key name is case-insensitive.

Parameters:

keys - The list of keys to sanitize.

Method Detail

setSkipClasses

public void setSkipClasses(java.lang.Class<?>... classes)

Classes of the fields to exclude from inspection. This does not include implementations of Map or IData.

Parameters:

classes - Classes containing fields to exclude from inspection.

getMask

public java.lang.String getMask()

Returns the mask used to replace sensitive values. See setMask(String)

Returns:

the mask

setMask

public void setMask(java.lang.String mask)

Sets the mask that replaces sensitive values. The default mask is used if one is not set. See setMask(String)

Parameters:

mask - The mask to use to replace sensitive values.

sanitizePojo

public boolean sanitizePojo(java.lang.Object source)
                     throws DataSanitizerException

Sanitizes a POJO for the specified keys. Any Map, IData, or POJO contained in source are also inspected.

Parameters:

source - the POJO to sanitize

Returns:

true if the POJO is modified (i.e., sanitized)

Throws:

DataSanitizerException

sanitize

public boolean sanitize(IData source)
                 throws DataSanitizerException

Sanitizes an IData for the specified keys. Any Map, IData, or POJO contained in source are also inspected.

Parameters:

source - the IData to sanitize

Returns:

true if the object is modified (i.e., sanitized)

Throws:

DataSanitizerException

sanitize

public boolean sanitize(java.util.Map<java.lang.String,java.lang.Object> source)
                 throws DataSanitizerException

Sanitizes a Map for the specified keys. Any Map, IData, or POJO contained in source are also inspected.

Parameters:

source - the Map to sanitize

Returns:

true if the object is modified (i.e., sanitized)

Throws:

DataSanitizerException

sanitize

public java.lang.String sanitize(java.lang.String source)

Sanitizes fields identified as sensitiveKeys in a String that does not contain a delimiter. In this case, the entire String is masked until another sensitive key is found or the end of the String is reached.

Parameters:

source -

Returns:

a sanitized String

sanitize

public java.lang.String sanitize(java.lang.String source,
                                 java.lang.String delimiter)

Sanitizes fields identified as sensitiveKeys in a String with delimited fields. Note: When source contains key-value pairs, this method recognizes a delimiter; however, it does not recognize a key-value pair separator (e.g., '='). Therefore, the key-value separator will be masked along with the sensitive value.

Parameters:

source - the String to sanitize

delimiter - Optional delimiter to signal end of a key value. If not provided, the mask is applied to the end of the source string.

Returns:

a sanitized String

cloneIData

public static IData cloneIData(IData data)
                        throws DataSanitizerException

Clones an IData. Cloning is performed via IDataUtil.deepClone(IData).

Parameters:

data - IData to clone

Returns:

cloned IData

Throws:

DataSanitizerException

cloneMap

public static java.util.Map<java.lang.String,java.lang.Object> cloneMap(java.util.Map<java.lang.String,java.lang.Object> map)
                                                                 throws DataSanitizerException

Clones a Map. Cloning is performed via Object serialization. This means all the values must implement Serializable and not contain transient fields.

Parameters:

map -

Returns:

clone of map via serial/deserialization.

Throws:

DataSanitizerException