擦除在request body 中记录的密码

b2b2b552 · o2null · 6eaed51b · b2b2b552
Showing with 13 addition and 0 deletion

o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/AuthenticationAction.java ...entication/jaxrs/authentication/AuthenticationAction.java +13 -0

未找到文件。
--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/AuthenticationAction.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/AuthenticationAction.java
@@ -86,6 +86,8 @@ public class AuthenticationAction extends StandardJaxrsAction {
 			logger.error(e, effectivePerson, request, null);
 			result.error(e);
 		}
+		//擦除密码
+		erasePassword(jsonElement);
 		asyncResponse.resume(ResponseFactory.getEntityTagActionResultResponse(request, result, jsonElement));
 	}

@@ -155,6 +157,8 @@ public class AuthenticationAction extends StandardJaxrsAction {
 			logger.error(e, effectivePerson, request, null);
 			result.error(e);
 		}
+		//擦除密码
+		erasePassword(jsonElement);
 		asyncResponse.resume(ResponseFactory.getEntityTagActionResultResponse(request, result, jsonElement));
 	}

@@ -486,4 +490,13 @@ public class AuthenticationAction extends StandardJaxrsAction {
 		asyncResponse.resume(ResponseFactory.getEntityTagActionResultResponse(request, result));
 	}

+	/**
+	 * 由于有日志记录功能,需要将jsonElement中的password进行擦除.
+	 * 
+	 * @param jsonElement
+	 */
+	private void erasePassword(JsonElement jsonElement) {
+		jsonElement.getAsJsonObject().addProperty("password", "******");
+	}
+
 }