Hide some attributes in logs and in session explorer (#612)
This commit is contained in:
parent
812bd51554
commit
e0b2a25cab
|
@ -24,7 +24,7 @@ use utf8;
|
||||||
our $whatToTrace;
|
our $whatToTrace;
|
||||||
*whatToTrace = \$Lemonldap::NG::Handler::_CGI::whatToTrace;
|
*whatToTrace = \$Lemonldap::NG::Handler::_CGI::whatToTrace;
|
||||||
|
|
||||||
our $VERSION = '1.2.5';
|
our $VERSION = '1.3.0';
|
||||||
|
|
||||||
our @ISA = qw(
|
our @ISA = qw(
|
||||||
Lemonldap::NG::Handler::CGI
|
Lemonldap::NG::Handler::CGI
|
||||||
|
@ -80,6 +80,10 @@ sub new {
|
||||||
# Multi values separator
|
# Multi values separator
|
||||||
$self->{multiValuesSeparator} ||= '; ';
|
$self->{multiValuesSeparator} ||= '; ';
|
||||||
|
|
||||||
|
# Attributes to hide
|
||||||
|
$self->{hiddenAttributes} = "_password"
|
||||||
|
unless defined $self->{hiddenAttributes};
|
||||||
|
|
||||||
# Now we're ready to display sessions. Choose display type
|
# Now we're ready to display sessions. Choose display type
|
||||||
foreach my $k ( $self->param() ) {
|
foreach my $k ( $self->param() ) {
|
||||||
|
|
||||||
|
@ -445,8 +449,8 @@ sub session {
|
||||||
$value = $newvalue;
|
$value = $newvalue;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Hide password
|
# Hide attributes
|
||||||
$value = '******' if ( $_ =~ /^_password$/ );
|
$value = '****' if ( $self->{hiddenAttributes} =~ /\b$_\b/ );
|
||||||
|
|
||||||
# Manage timestamp
|
# Manage timestamp
|
||||||
if ( $_ =~ /^(_utime|_lastAuthnUTime)$/ ) {
|
if ( $_ =~ /^(_utime|_lastAuthnUTime)$/ ) {
|
||||||
|
|
|
@ -572,6 +572,8 @@ sub setDefaultValues {
|
||||||
$self->{confirmFormMethod} ||= "post";
|
$self->{confirmFormMethod} ||= "post";
|
||||||
$self->{redirectFormMethod} ||= "get";
|
$self->{redirectFormMethod} ||= "get";
|
||||||
$self->{authChoiceParam} ||= "lmAuth";
|
$self->{authChoiceParam} ||= "lmAuth";
|
||||||
|
$self->{hiddenAttributes} = "_password"
|
||||||
|
unless defined $self->{hiddenAttributes};
|
||||||
|
|
||||||
# Set default userDB and passwordDB to DBI if authentication is DBI
|
# Set default userDB and passwordDB to DBI if authentication is DBI
|
||||||
if ( $self->{authentication} =~ /DBI/i ) {
|
if ( $self->{authentication} =~ /DBI/i ) {
|
||||||
|
@ -759,9 +761,9 @@ sub buildHiddenForm {
|
||||||
|
|
||||||
# Build hidden input HTML code
|
# Build hidden input HTML code
|
||||||
$val .=
|
$val .=
|
||||||
'<input type="hidden" name="'
|
'<input type="hidden" name="'
|
||||||
. $_
|
. $_
|
||||||
. '" id="'
|
. '" id="'
|
||||||
. $_
|
. $_
|
||||||
. '" value="'
|
. '" value="'
|
||||||
. $self->{portalHiddenFormValues}->{$_} . '" />';
|
. $self->{portalHiddenFormValues}->{$_} . '" />';
|
||||||
|
@ -2453,9 +2455,11 @@ sub store {
|
||||||
or return PE_APACHESESSIONERROR;
|
or return PE_APACHESESSIONERROR;
|
||||||
foreach my $k ( keys %{ $self->{sessionInfo} } ) {
|
foreach my $k ( keys %{ $self->{sessionInfo} } ) {
|
||||||
next unless defined $self->{sessionInfo}->{$k};
|
next unless defined $self->{sessionInfo}->{$k};
|
||||||
$self->lmLog(
|
my $displayValue = $self->{sessionInfo}->{$k};
|
||||||
"Store " . $self->{sessionInfo}->{$k} . " in session key $k",
|
if ( $self->{hiddenAttributes} =~ /\b$k\b/ ) {
|
||||||
'debug' );
|
$displayValue = '****';
|
||||||
|
}
|
||||||
|
$self->lmLog( "Store $displayValue in session key $k", 'debug' );
|
||||||
$h->{$k} = $self->{sessionInfo}->{$k};
|
$h->{$k} = $self->{sessionInfo}->{$k};
|
||||||
}
|
}
|
||||||
untie %$h;
|
untie %$h;
|
||||||
|
|
Loading…
Reference in New Issue
Block a user