private String anonymizedSessionKey(String sessionKey, int length) { return Utilities.createAlphanumericHash(sessionKey, length); } }
@Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception { final TraceeFilterConfiguration configuration = backend.getConfiguration(profileName); if (configuration.shouldProcessContext(IncomingRequest)) mergeIncomingContextToBackend(request, configuration); // create random RequestId if not already set if (!backend.containsKey(TraceeConstants.REQUEST_ID_KEY) && configuration.shouldGenerateRequestId()) { backend.put(TraceeConstants.REQUEST_ID_KEY, Utilities.createRandomAlphanumeric(configuration.generatedRequestIdLength())); } // create another random id to identify the http session if (!backend.containsKey(TraceeConstants.SESSION_ID_KEY) && configuration.shouldGenerateSessionId()) { final HttpSession session = request.getSession(false); if (session != null) { backend.put(TraceeConstants.SESSION_ID_KEY, Utilities.createAlphanumericHash(session.getId(), configuration.generatedSessionIdLength())); } } return true; }
/** * Creates a alphanumeric projection with a given length of the given object using its {@link Object#hashCode()}. */ public static String createAlphanumericHash(String str, int length) { try { MessageDigest md = MessageDigest.getInstance("SHA-256"); final byte[] digest = md.digest(str.getBytes(Charset.forName("UTF-8"))); // To human StringBuilder sb = new StringBuilder(); for (byte b : digest) { if (b < 16) sb.append("0"); sb.append(Integer.toHexString(b & 0xff)); } // repeat if to small while (sb.length() < length) { sb.append(sb.toString()); } // truncation and return return sb.delete(length, sb.length()).toString(); } catch (NoSuchAlgorithmException e) { // Preferred hash algorithm is not available. We generate random string. return createRandomAlphanumeric(length); } catch (UnsupportedCharsetException e) { // We should handle such error like the NoSuchAlgorithmException return createRandomAlphanumeric(length); } } }
@Override public boolean shouldProcessContext(Channel channel) { final String messageTypePropertyValue = getProfiledOrDefaultProperty(channel.name()); return !Utilities.isNullOrEmptyString(messageTypePropertyValue); }
void httpRequestInitialized(HttpServletRequest request) { final TraceeFilterConfiguration configuration = backend.getConfiguration(); if (configuration.shouldProcessContext(IncomingRequest)) { mergeIncomingContextToBackend(request); } if (configuration.shouldGenerateRequestId() && !backend.containsKey(TraceeConstants.REQUEST_ID_KEY)) { backend.put(TraceeConstants.REQUEST_ID_KEY, Utilities.createRandomAlphanumeric(configuration.generatedRequestIdLength())); } if (configuration.shouldGenerateSessionId() && !backend.containsKey(TraceeConstants.SESSION_ID_KEY)) { final HttpSession session = request.getSession(false); if (session != null) { backend.put(TraceeConstants.SESSION_ID_KEY, anonymizedSessionKey(session.getId(), configuration.generatedSessionIdLength())); } } }
protected final void handleIncoming(SOAPMessageContext context) { final SOAPPart soapPart = context.getMessage().getSOAPPart(); try { final TraceeBackend backend = getTraceeBackend(); final SOAPHeader header = soapPart.getEnvelope().getHeader(); if (header != null && backend.getConfiguration().shouldProcessContext(IncomingRequest)) { final Map<String, String> parsedContext = transportSerialization.parse(header); final Map<String, String> filteredContext = backend.getConfiguration().filterDeniedParams(parsedContext, IncomingRequest); getTraceeBackend().putAll(filteredContext); } // generate request id if it doesn't exist if (getTraceeBackend().get(TraceeConstants.REQUEST_ID_KEY) == null && getTraceeBackend().getConfiguration().shouldGenerateRequestId()) { getTraceeBackend().put(TraceeConstants.REQUEST_ID_KEY, Utilities.createRandomAlphanumeric(getTraceeBackend().getConfiguration().generatedRequestIdLength())); } } catch (final SOAPException e) { traceeLogger.error("TraceeServerHandler - Error during precessing of inbound soap header"); } }
private String anonymizedSessionKey(String sessionKey, int length) { return Utilities.createAlphanumericHash(sessionKey, length); }