I am creating an application where I am planning to take confidential data of the user. But for debugging issues I am planning to log the values like for which username there is an issue. But dont want to log their passwords.
I have this sample code:
StringBuffer errorBuilder = new StringBuffer();
violations.forEach(v -> errorBuilder.append("\r\n\"")
.append(v.getPropertyPath())
.append("\": ")
.append(v.getMessage())
.append(" -- ")
.append(v.getInvalidValue())); // Avoid print here
return errorBuilder.toString();
This is the sample class
@Getter
@Setter
public class UserCredentials {
@NotNull
@Size(min=5, max=15)
private String username;
@NotNull
@Pattern(regex=Constants.Regex.PASSWORD)
private String password;
@NotNull
@Pattern(regex=Constants.Regex.DOB)
private String dob;
@NotNull
@Pattern(regex=Constants.Regex.EMAIL)
private String email;
}
There are two ways which I thought: To place a the "password" in a list and check if getPropertyPath contains values from the list and avoid printing invalidValue.
But is there any annotation or can there be any annotation like @Confidential where I can avoid printing this value.
I will not mind creating a custom annotation. I thought this way it is much cleaner and I dont have to write everytime the fieldname which I am checking as Confidential in the list.
I thought of doing this way:
StringBuffer errorBuilder = new StringBuffer();
violations.forEach(v -> {
if (v.getPropertyPath() has annotation @Confidential) { // Looking for this.
errorBuilder.append("\r\n\"")
.append(v.getPropertyPath())
.append("\": ")
.append(v.getMessage())
} else {
errorBuilder.append("\r\n\"")
.append(v.getPropertyPath())
.append("\": ")
.append(v.getMessage())
.append(" -- ")
.append(v.getInvalidValue()));
}
});
return errorBuilder.toString();
Any thoughts on how to create this annotation and check these scenarios?
