From 4da2595a0c7244303ca31178c4c8859940721c54 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 16 Mar 2017 06:27:23 +0100 Subject: limit length of some logged identifier to max length of 254 characters --- .../moa/id/advancedlogging/StatisticLogger.java | 27 ++++++++++++++-------- 1 file changed, 18 insertions(+), 9 deletions(-) (limited to 'id/server/idserverlib') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java index dfea14a72..6f700d1cb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java @@ -74,6 +74,7 @@ public class StatisticLogger implements IStatisticLogger{ private static final String MANTATORTYPE_NAT = "nat"; private static final int MAXERRORLENGTH = 200; + private static final int MAXOAIDENTIFIER_LENGTH = 254; private static final String ERRORTYPE_UNKNOWN = "unkown"; private static final String ERRORTYPE_BKU = "bku"; @@ -119,7 +120,7 @@ public class StatisticLogger implements IStatisticLogger{ //dblog.setOaID(dbOA.getHjid()); //log basic AuthInformation - dblog.setOaurlprefix(protocolRequest.getOAURL()); + dblog.setOaurlprefix(getMessageWithMaxLength(dbOA.getPublicURLPrefix(), MAXOAIDENTIFIER_LENGTH)); dblog.setOafriendlyName(dbOA.getFriendlyName()); boolean isbusinessservice = isBusinessService(dbOA); @@ -254,12 +255,15 @@ public class StatisticLogger implements IStatisticLogger{ dblog.setTimestamp(new Date()); - dblog.setOaurlprefix(errorRequest.getOAURL()); + dblog.setOaurlprefix(getMessageWithMaxLength(errorRequest.getOAURL(), MAXOAIDENTIFIER_LENGTH)); dblog.setProtocoltype(errorRequest.requestedModule()); dblog.setProtocolsubtype(errorRequest.requestedAction()); + generateErrorLogFormThrowable(throwable, dblog); + IOAAuthParameters dbOA = errorRequest.getOnlineApplicationConfiguration(); if (dbOA != null) { + dblog.setOaurlprefix(getMessageWithMaxLength(dbOA.getPublicURLPrefix(), MAXOAIDENTIFIER_LENGTH)); dblog.setOafriendlyName(dbOA.getFriendlyName()); dblog.setOatarget(dbOA.getTarget()); //dblog.setOaID(dbOA.getHjid()); @@ -291,17 +295,18 @@ public class StatisticLogger implements IStatisticLogger{ dblog.setMandatelogin(moasession.isMandateUsed()); } - generateErrorLogFormThrowable(throwable, dblog); - try { - entityManager.persist(dblog); + + } - } catch (Exception e) { - Logger.warn("Write 'error' statisticLog to database FAILED.", e); + try { + entityManager.persist(dblog); - } - + } catch (Exception e) { + Logger.warn("Write 'error' statisticLog to database FAILED.", e); + } + } } @@ -313,6 +318,10 @@ public class StatisticLogger implements IStatisticLogger{ return false; } + private String getMessageWithMaxLength(String msg, int maxlength) { + return getErrorMessageWithMaxLength(msg, maxlength); + + } private String getErrorMessageWithMaxLength(String error, int maxlength) { if (error != null) { -- cgit v1.2.3