FAQ
A question for Michael Gentry ...

I am nitpicking here, but with the new password encoder feature, on
startup Cayenne prints encoder class, password location and other
related information. Would it be ok to make this output conditional
on encoder class being not PlainTextPasswordEncoder per patch below?

What do you think?

Thanks
Andrus


Index: framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
cayenne/conn/DataSourceInfo.java
===================================================================
--- framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
cayenne/conn/DataSourceInfo.java (revision 525813)
+++ framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
cayenne/conn/DataSourceInfo.java (working copy)
@@ -23,6 +23,7 @@
import java.io.Serializable;
import org.apache.cayenne.conf.PasswordEncoding;
+import org.apache.cayenne.conf.PlainTextPasswordEncoder;
import org.apache.cayenne.util.Util;
/**
@@ -133,16 +134,16 @@
.append("\n min. connections: ")
.append(minConnections)
.append("\n max. connections: ")
- .append(maxConnections)
- .append("\n encoder class: ")
- .append(passwordEncoderClass)
- .append("\n encoder salt: ")
- .append(passwordEncoderSalt)
- .append("\n password location: ")
- .append(passwordLocation)
- .append("\n password source: ")
- .append(getPasswordSource())
- .append("\n]");
+ .append(maxConnections);
+
+ if (!PlainTextPasswordEncoder.class.getName().equals
(this.passwordEncoderClass)) {
+ buf.append("\n encoder class: ").append
(passwordEncoderClass).append(
+ "\n encoder salt: ").append
(passwordEncoderSalt).append(
+ "\n password location: ").append
(passwordLocation).append(
+ "\n password source: ").append
(getPasswordSource());
+ }
+
+ buf.append("\n]");
return buf.toString();
}

Search Discussions

  • Michael Gentry at Apr 8, 2007 at 8:59 pm
    Well, not that I'm opposed, but even if using the
    PlainTextPasswordEncoder, the password source could still be an URL
    (file: or http:), a file in the CLASSPATH, or obtained by running an
    executable program, so logging that info might still be useful ...

    Perhaps could add more logic, like if using a built-in encoder, don't
    log the salt (not used), etc, but that might just be more complicated
    than it is worth.

    Thoughts?

    Thanks,

    /dev/mrg

    On 4/8/07, Andrus Adamchik wrote:
    A question for Michael Gentry ...

    I am nitpicking here, but with the new password encoder feature, on
    startup Cayenne prints encoder class, password location and other
    related information. Would it be ok to make this output conditional
    on encoder class being not PlainTextPasswordEncoder per patch below?

    What do you think?

    Thanks
    Andrus


    Index: framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java
    ===================================================================
    --- framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java (revision 525813)
    +++ framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java (working copy)
    @@ -23,6 +23,7 @@
    import java.io.Serializable;
    import org.apache.cayenne.conf.PasswordEncoding;
    +import org.apache.cayenne.conf.PlainTextPasswordEncoder;
    import org.apache.cayenne.util.Util;
    /**
    @@ -133,16 +134,16 @@
    .append("\n min. connections: ")
    .append(minConnections)
    .append("\n max. connections: ")
    - .append(maxConnections)
    - .append("\n encoder class: ")
    - .append(passwordEncoderClass)
    - .append("\n encoder salt: ")
    - .append(passwordEncoderSalt)
    - .append("\n password location: ")
    - .append(passwordLocation)
    - .append("\n password source: ")
    - .append(getPasswordSource())
    - .append("\n]");
    + .append(maxConnections);
    +
    + if (!PlainTextPasswordEncoder.class.getName().equals
    (this.passwordEncoderClass)) {
    + buf.append("\n encoder class: ").append
    (passwordEncoderClass).append(
    + "\n encoder salt: ").append
    (passwordEncoderSalt).append(
    + "\n password location: ").append
    (passwordLocation).append(
    + "\n password source: ").append
    (getPasswordSource());
    + }
    +
    + buf.append("\n]");
    return buf.toString();
    }
  • Andrus Adamchik at Apr 9, 2007 at 10:09 am

    Perhaps could add more logic, like if using a built-in encoder, don't
    log the salt (not used), etc, but that might just be more complicated
    than it is worth.
    Thanks for the clarification. That's what I just did:

    http://svn.apache.org/viewvc?view=rev&revision=526699

    I added a few more conditionals, so that the default encoder and
    location are not printed. I think added clarity is worth 5 minutes
    that I spent on it :-) If there are other ideas, please fill free to
    further update this code.

    Andrus


    On Apr 9, 2007, at 12:59 AM, Michael Gentry wrote:
    Well, not that I'm opposed, but even if using the
    PlainTextPasswordEncoder, the password source could still be an URL
    (file: or http:), a file in the CLASSPATH, or obtained by running an
    executable program, so logging that info might still be useful ...

    Perhaps could add more logic, like if using a built-in encoder, don't
    log the salt (not used), etc, but that might just be more complicated
    than it is worth.

    Thoughts?

    Thanks,

    /dev/mrg

    On 4/8/07, Andrus Adamchik wrote:
    A question for Michael Gentry ...

    I am nitpicking here, but with the new password encoder feature, on
    startup Cayenne prints encoder class, password location and other
    related information. Would it be ok to make this output conditional
    on encoder class being not PlainTextPasswordEncoder per patch below?

    What do you think?

    Thanks
    Andrus


    Index: framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java
    ===================================================================
    --- framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java (revision 525813)
    +++ framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java (working copy)
    @@ -23,6 +23,7 @@
    import java.io.Serializable;
    import org.apache.cayenne.conf.PasswordEncoding;
    +import org.apache.cayenne.conf.PlainTextPasswordEncoder;
    import org.apache.cayenne.util.Util;
    /**
    @@ -133,16 +134,16 @@
    .append("\n min. connections: ")
    .append(minConnections)
    .append("\n max. connections: ")
    - .append(maxConnections)
    - .append("\n encoder class: ")
    - .append(passwordEncoderClass)
    - .append("\n encoder salt: ")
    - .append(passwordEncoderSalt)
    - .append("\n password location: ")
    - .append(passwordLocation)
    - .append("\n password source: ")
    - .append(getPasswordSource())
    - .append("\n]");
    + .append(maxConnections);
    +
    + if (!PlainTextPasswordEncoder.class.getName().equals
    (this.passwordEncoderClass)) {
    + buf.append("\n encoder class: ").append
    (passwordEncoderClass).append(
    + "\n encoder salt: ").append
    (passwordEncoderSalt).append(
    + "\n password location: ").append
    (passwordLocation).append(
    + "\n password source: ").append
    (getPasswordSource());
    + }
    +
    + buf.append("\n]");
    return buf.toString();
    }
  • Andrus Adamchik at Apr 9, 2007 at 10:10 am

    Perhaps could add more logic, like if using a built-in encoder, don't
    log the salt (not used), etc, but that might just be more complicated
    than it is worth.
    Thanks for the clarification. That's what I just did:

    http://svn.apache.org/viewvc?view=rev&revision=526699

    I added a few more conditionals, so that the default encoder and
    location are not printed. I think added clarity is worth 5 minutes
    that I spent on it :-) If there are other ideas, please fill free to
    further update this code.

    Andrus


    On Apr 9, 2007, at 12:59 AM, Michael Gentry wrote:
    Well, not that I'm opposed, but even if using the
    PlainTextPasswordEncoder, the password source could still be an URL
    (file: or http:), a file in the CLASSPATH, or obtained by running an
    executable program, so logging that info might still be useful ...

    Perhaps could add more logic, like if using a built-in encoder, don't
    log the salt (not used), etc, but that might just be more complicated
    than it is worth.

    Thoughts?

    Thanks,

    /dev/mrg

    On 4/8/07, Andrus Adamchik wrote:
    A question for Michael Gentry ...

    I am nitpicking here, but with the new password encoder feature, on
    startup Cayenne prints encoder class, password location and other
    related information. Would it be ok to make this output conditional
    on encoder class being not PlainTextPasswordEncoder per patch below?

    What do you think?

    Thanks
    Andrus


    Index: framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java
    ===================================================================
    --- framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java (revision 525813)
    +++ framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java (working copy)
    @@ -23,6 +23,7 @@
    import java.io.Serializable;
    import org.apache.cayenne.conf.PasswordEncoding;
    +import org.apache.cayenne.conf.PlainTextPasswordEncoder;
    import org.apache.cayenne.util.Util;
    /**
    @@ -133,16 +134,16 @@
    .append("\n min. connections: ")
    .append(minConnections)
    .append("\n max. connections: ")
    - .append(maxConnections)
    - .append("\n encoder class: ")
    - .append(passwordEncoderClass)
    - .append("\n encoder salt: ")
    - .append(passwordEncoderSalt)
    - .append("\n password location: ")
    - .append(passwordLocation)
    - .append("\n password source: ")
    - .append(getPasswordSource())
    - .append("\n]");
    + .append(maxConnections);
    +
    + if (!PlainTextPasswordEncoder.class.getName().equals
    (this.passwordEncoderClass)) {
    + buf.append("\n encoder class: ").append
    (passwordEncoderClass).append(
    + "\n encoder salt: ").append
    (passwordEncoderSalt).append(
    + "\n password location: ").append
    (passwordLocation).append(
    + "\n password source: ").append
    (getPasswordSource());
    + }
    +
    + buf.append("\n]");
    return buf.toString();
    }
  • Andrus Adamchik at Apr 9, 2007 at 10:10 am

    Perhaps could add more logic, like if using a built-in encoder, don't
    log the salt (not used), etc, but that might just be more complicated
    than it is worth.
    Thanks for the clarification. That's what I just did:

    http://svn.apache.org/viewvc?view=rev&revision=526699

    I added a few more conditionals, so that the default encoder and
    location are not printed. I think added clarity is worth 5 minutes
    that I spent on it :-) If there are other ideas, please fill free to
    further update this code.

    Andrus


    On Apr 9, 2007, at 12:59 AM, Michael Gentry wrote:
    Well, not that I'm opposed, but even if using the
    PlainTextPasswordEncoder, the password source could still be an URL
    (file: or http:), a file in the CLASSPATH, or obtained by running an
    executable program, so logging that info might still be useful ...

    Perhaps could add more logic, like if using a built-in encoder, don't
    log the salt (not used), etc, but that might just be more complicated
    than it is worth.

    Thoughts?

    Thanks,

    /dev/mrg

    On 4/8/07, Andrus Adamchik wrote:
    A question for Michael Gentry ...

    I am nitpicking here, but with the new password encoder feature, on
    startup Cayenne prints encoder class, password location and other
    related information. Would it be ok to make this output conditional
    on encoder class being not PlainTextPasswordEncoder per patch below?

    What do you think?

    Thanks
    Andrus


    Index: framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java
    ===================================================================
    --- framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java (revision 525813)
    +++ framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java (working copy)
    @@ -23,6 +23,7 @@
    import java.io.Serializable;
    import org.apache.cayenne.conf.PasswordEncoding;
    +import org.apache.cayenne.conf.PlainTextPasswordEncoder;
    import org.apache.cayenne.util.Util;
    /**
    @@ -133,16 +134,16 @@
    .append("\n min. connections: ")
    .append(minConnections)
    .append("\n max. connections: ")
    - .append(maxConnections)
    - .append("\n encoder class: ")
    - .append(passwordEncoderClass)
    - .append("\n encoder salt: ")
    - .append(passwordEncoderSalt)
    - .append("\n password location: ")
    - .append(passwordLocation)
    - .append("\n password source: ")
    - .append(getPasswordSource())
    - .append("\n]");
    + .append(maxConnections);
    +
    + if (!PlainTextPasswordEncoder.class.getName().equals
    (this.passwordEncoderClass)) {
    + buf.append("\n encoder class: ").append
    (passwordEncoderClass).append(
    + "\n encoder salt: ").append
    (passwordEncoderSalt).append(
    + "\n password location: ").append
    (passwordLocation).append(
    + "\n password source: ").append
    (getPasswordSource());
    + }
    +
    + buf.append("\n]");
    return buf.toString();
    }
  • Andrus Adamchik at Apr 9, 2007 at 10:16 am
    And sorry for the tree copies of the same email - my SMTP SSH tunnel
    misbehaved for some unknown reason.

    Andrus

    On Apr 9, 2007, at 2:10 PM, Andrus Adamchik wrote:

    Perhaps could add more logic, like if using a built-in encoder, don't
    log the salt (not used), etc, but that might just be more complicated
    than it is worth.
    Thanks for the clarification. That's what I just did:

    http://svn.apache.org/viewvc?view=rev&revision=526699

    I added a few more conditionals, so that the default encoder and
    location are not printed. I think added clarity is worth 5 minutes
    that I spent on it :-) If there are other ideas, please fill free
    to further update this code.

    Andrus


    On Apr 9, 2007, at 12:59 AM, Michael Gentry wrote:
    Well, not that I'm opposed, but even if using the
    PlainTextPasswordEncoder, the password source could still be an URL
    (file: or http:), a file in the CLASSPATH, or obtained by running an
    executable program, so logging that info might still be useful ...

    Perhaps could add more logic, like if using a built-in encoder, don't
    log the salt (not used), etc, but that might just be more complicated
    than it is worth.

    Thoughts?

    Thanks,

    /dev/mrg

    On 4/8/07, Andrus Adamchik wrote:
    A question for Michael Gentry ...

    I am nitpicking here, but with the new password encoder feature, on
    startup Cayenne prints encoder class, password location and other
    related information. Would it be ok to make this output conditional
    on encoder class being not PlainTextPasswordEncoder per patch below?

    What do you think?

    Thanks
    Andrus


    Index: framework/cayenne-jdk1.4-unpublished/src/main/java/org/
    apache/
    cayenne/conn/DataSourceInfo.java
    ===================================================================
    --- framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java (revision 525813)
    +++ framework/cayenne-jdk1.4-unpublished/src/main/java/org/apache/
    cayenne/conn/DataSourceInfo.java (working copy)
    @@ -23,6 +23,7 @@
    import java.io.Serializable;
    import org.apache.cayenne.conf.PasswordEncoding;
    +import org.apache.cayenne.conf.PlainTextPasswordEncoder;
    import org.apache.cayenne.util.Util;
    /**
    @@ -133,16 +134,16 @@
    .append("\n min. connections: ")
    .append(minConnections)
    .append("\n max. connections: ")
    - .append(maxConnections)
    - .append("\n encoder class: ")
    - .append(passwordEncoderClass)
    - .append("\n encoder salt: ")
    - .append(passwordEncoderSalt)
    - .append("\n password location: ")
    - .append(passwordLocation)
    - .append("\n password source: ")
    - .append(getPasswordSource())
    - .append("\n]");
    + .append(maxConnections);
    +
    + if (!PlainTextPasswordEncoder.class.getName().equals
    (this.passwordEncoderClass)) {
    + buf.append("\n encoder class: ").append
    (passwordEncoderClass).append(
    + "\n encoder salt: ").append
    (passwordEncoderSalt).append(
    + "\n password location: ").append
    (passwordLocation).append(
    + "\n password source: ").append
    (getPasswordSource());
    + }
    +
    + buf.append("\n]");
    return buf.toString();
    }

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupdev @
categoriescayenne
postedApr 8, '07 at 7:10p
activeApr 9, '07 at 10:16a
posts6
users2
websitecayenne.apache.org

2 users in discussion

Andrus Adamchik: 5 posts Michael Gentry: 1 post

People

Translate

site design / logo © 2022 Grokbase