From 247e2b82609e97eb161e7a80ef136fadf7d61daa Mon Sep 17 00:00:00 2001
From: Marc Diamant <marc.diamant@hitachivantara.com>
Date: Fri, 19 Jan 2024 15:05:23 -0500
Subject: [PATCH] [BACKLOG-39521] Added if statement to remove username and
 password being printed

---
 .../tomcat/logvalve/FilteredAccessLogValve.java    | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/tomcat-logs/src/main/java/org/pentaho/tomcat/logvalve/FilteredAccessLogValve.java b/tomcat-logs/src/main/java/org/pentaho/tomcat/logvalve/FilteredAccessLogValve.java
index 2d57325078c..647243f689b 100644
--- a/tomcat-logs/src/main/java/org/pentaho/tomcat/logvalve/FilteredAccessLogValve.java
+++ b/tomcat-logs/src/main/java/org/pentaho/tomcat/logvalve/FilteredAccessLogValve.java
@@ -14,7 +14,7 @@
  * See the GNU General Public License for more details.
  *
  *
- * Copyright (c) 2022 Hitachi Vantara. All rights reserved.
+ * Copyright (c) 2022-2024 Hitachi Vantara. All rights reserved.
  *
  */
 
@@ -35,10 +35,18 @@ public class FilteredAccessLogValve extends AccessLogValve {
   public void log( CharArrayWriter message ) {
     try ( CharArrayWriter caw = new CharArrayWriter() ) {
       // Mask the user password
-      caw.write( message.toString().replaceAll( "j_password=[^&^ ]*", "j_password=***" ) );
+      String tempString = message.toString();
+      if ( tempString.contains( "/pentaho/api/csrf" ) || tempString.contains( "/pentaho/api/repo/files/backup" ) ) {
+        tempString = tempString.replaceAll( "\\?userid[^&]+%26", "" );
+        tempString = tempString.replaceAll( "\\?userid[^&]+", "" );
+        tempString = tempString.replaceAll( "password[^&]+%26", "" );
+        tempString = tempString.replaceAll( "\\&password[^&]+", "" );
+      }
+      tempString = tempString.replaceAll( "j_password=[^&^ ]*", "j_password=***" );
+      caw.write( tempString );
       super.log( caw );
     } catch ( IOException e ) {
       e.printStackTrace();
     }
   }
-}
\ No newline at end of file
+}