Protect Debug Info Transaction Participant

jPOS-EE has a very handy transaction participant called “Debug” its main purpose is to dump the contents of the jPOS’s Context. While this is very helpful in test modes and during development – The context remains “un-protected” and all of the data remains in the clear. Even the ProtectedLogListener and FSDProtectedLogListener will not protect data in the context.

Enter the ProtectDebugInfo Transaction Participant a configurable implementation I wrote based on some of Alejandro’s ideas, and one that lives in most of OLS’s payment products in various specific iterations.

It’s configuration looks like:

ProtectDebugInfo.png

Protecting your q2.log in this truncated example:

<entry key=‘FSDMESSAGE’>
<fsdmsg schema=‘file:cfg/fsd-base’>
account-number: ‘599999______0001’
</fsdmsg>
</entry>
<entry key=‘PAN’>599999______0001</entry>
<entry key=‘RESPONSE’>
<isomsg direction=“incoming”>
<field id=“0” value=“2110”/>
<field id=“2” value=“599999______0001”/>
<field id=“35” value=“599999______0001=____________________”/>
</isomsg>
</entry>
<entry key=‘REQUEST’>
<isomsg direction=“incoming”>
<field id=“0” value=“2100”/>
<field id=“2” value=“599999______0001”/>
<field id=“35” value=“599999______0001=____________________”/>
</isomsg>
</entry>

Leave a Comment.