4

I would like to create my own custom annotation, i'm using Spring framework.

when someone annotate his POJO class a code behind will trigger methods.

For example @Sensetive(values = "accountNumber") when annotate on below class

public class User {
   protected String user = "";
   protected String code = "";
   protected String accountNumber = "";
}

will call a method that when logging the values they will appear masked ( for example accountNumber = "12345" -> masked accountNumber = XXXX5).

I'm aware of @ToString annotation that can exclude the value completely when calling toString method, but is there possibility to mask it?

Shmuel P.
  • 129
  • 1
  • 8
  • Usually u setup global layout configuration for masking sensitive information. You didnt mention what logging provider you use. Take this link for example for logback https://stackoverflow.com/questions/25277930/mask-sensitive-data-in-logs-with-logback – SeaBiscuit Jul 17 '17 at 09:13
  • Thanks! that is the solution for my issue. – Shmuel P. Jul 18 '17 at 06:15

1 Answers1

-2

You can just override toString method and mask the account number in it, e.g.:

@Override
public String toString(){
    String maskedAccountNumber = accountNumber.replaceAll("[0-9]+", "*"); //This is just an example, actual implementation might differ
    return "user : " + user +
        " code : " + code +
        " account number : " + maskedAccountNumber;
}

All the logging/printing methods (e.g. System.out.println) will call toString of respective object so having this method overridden will help mask the details.

Darshan Mehta
  • 30,102
  • 11
  • 68
  • 102
  • thanks for the response but i was looking for more generic solution for all classes and not just for the specific one. – Shmuel P. Jul 18 '17 at 09:04
  • 1
    @SamP. well, all classes will have different members and different masking rules. So generic solution might not be ideal. – Darshan Mehta Jul 18 '17 at 09:26