Issue on the DTO(Data Transfer object)

roy_sanu used Ask the Experts™
Why getAllLookupData method of the below two has to map? I got this code from the internet, as I have to look at it because there is some issue in it, and it can be used in my college project.
Any help, sir?

	public ResponseEntity<?> fetch(@RequestHeader("userinfo") String userinfo, PageAttributes pageAttributes) throws AdminServiceException {

		HashMap<String, String> map = HeaderInfoUtility.getCredentials(userinfo);
		// The logger call names were lost from the post; logger.info is assumed here.
		// These three calls write the credentials to the log in plaintext.
		logger.info("-----username--------{}--", map.get(USERNAME));
		logger.info("------password-----{}---", map.get(PASSWORD));
		logger.info("------passwordEncrypted-----{}---", map.get(ENCRYPTEDPASSWORD));
		UserContext userContext = new UserContext();
		AdminDTO adminDto = lookupActionsService.getAllLookupData(pageAttributes.getPageNumber(),
				pageAttributes.getPageSize(), pageAttributes.getSortType(), pageAttributes.getSortFields(),
				pageAttributes.getLocale(), userContext);

		return new ResponseEntity<>(adminDto, HttpStatus.OK);
	}


	public AdminDTO getAllLookupData(int pageNumber, int pageSize, String sortType, List<String> sortFields,
			String locale, UserContext userContext) {
		AdminDTO adminDto = null;
		String repositoryType = getRepositoryType();

		try {
			// Delegate to the repository-specific implementation chosen by the factory.
			adminDto = adminFactory.getAdminFactory(repositoryType).
					getAllActionsLookupData(pageNumber, pageSize, sortType, sortFields, locale, userContext);
		} catch (CmsRevampFactoryException ce) {
			// The logger call and its argument were lost from the post; logger.error(..., ce.getMessage()) is assumed.
			logger.error("Error occurred while retrieving actions lookup :getAllLookupData() {}", ce.getMessage());
			throw new AdminServiceException(
					"Exception occured while retrieving actions lookup ");
		}

		return adminDto;
	}



Hello expert needs help quickly
Thanks R.
Senior Developer
Never, and I mean really NEVER, log plaintext credentials. This is a severe security issue.

When looking at the code structure, then the user context class should encapsulate the parsing of the user info string. There should be no separate class, your map variable, which does this.

Furthermore, the syntax also looks like you're not using a salt per user. See Plain Text Offenders Developers FAQ for working with passwords. This also includes using a GuardedString for holding the password in memory.

"why getAllLookupData method of the below two has to map"
The getAllLookupData has no map variable or parameter of the type HashMap. Please rephrase your question.
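
One way to apply the two points in the answer above (no credentials in log output, credential handling inside the user context class), as an added example that is not code from the original post or from the answerer. The key names, the `fromCredentials` factory and the `char[]` field (a plain-JDK stand-in for the GuardedString the answer mentions) are assumptions.

```java
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

// Added example, not the poster's class: a UserContext that owns the
// credentials and cannot leak them through logging.
public final class UserContext {
    // Assumed key values; the post shows only the constant names.
    static final String USERNAME = "username";
    static final String PASSWORD = "password";

    private final String username;
    private final char[] password; // a char[] can be wiped, a String cannot

    private UserContext(String username, char[] password) {
        this.username = username;
        this.password = password;
    }

    // Build the context from the parsed header map and drop the secret from the map.
    static UserContext fromCredentials(Map<String, String> credentials) {
        String user = credentials.get(USERNAME);
        String pass = credentials.remove(PASSWORD);
        if (user == null || pass == null) {
            // The message names the problem but never echoes header values.
            throw new IllegalArgumentException("userinfo header is missing username or password");
        }
        return new UserContext(user, pass.toCharArray());
    }

    String getUsername() { return username; }

    // Callers receive a copy and must wipe it themselves after use.
    char[] copyPassword() { return password.clone(); }

    // Wipe the stored secret once authentication is done.
    void clear() { Arrays.fill(password, '\0'); }

    // Anything that logs the context, e.g. logger.info("{}", ctx), sees only this.
    @Override
    public String toString() {
        return "UserContext{username=" + username + ", password=<redacted>}";
    }

    public static void main(String[] args) {
        Map<String, String> parsed = new HashMap<>(); // constructed sample input
        parsed.put(USERNAME, "alice");
        parsed.put(PASSWORD, "constructed-sample-secret");
        UserContext ctx = UserContext.fromCredentials(parsed);
        System.out.println("request from " + ctx);          // redacted form only
        System.out.println("map after parsing: " + parsed); // password entry removed
        ctx.clear();
    }
}
```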


No probs Ste5an, it was good info for me. Next time I will set it as private, as I am not aware of the sensitivity of the world.
Ouch ha!!!
