From dbaf3e08ef28745db12d367ced71613760e3b059 Mon Sep 17 00:00:00 2001
From: Rhys Williams <170514543+Viii3@users.noreply.github.com>
Date: Fri, 23 Aug 2024 12:22:55 +0100
Subject: [PATCH] Use masked passwords in logger.

---
 .../glassfish/admingui/common/util/RestUtil.java   | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/appserver/admingui/common/src/main/java/org/glassfish/admingui/common/util/RestUtil.java b/appserver/admingui/common/src/main/java/org/glassfish/admingui/common/util/RestUtil.java
index 4d5a270076d..1a2e143cba2 100644
--- a/appserver/admingui/common/src/main/java/org/glassfish/admingui/common/util/RestUtil.java
+++ b/appserver/admingui/common/src/main/java/org/glassfish/admingui/common/util/RestUtil.java
@@ -37,7 +37,7 @@
  * only if the new code is made subject to such option by the copyright
  * holder.
  */
-// Portions Copyright [2017-2021] [Payara Foundation and/or its affiliates]
+// Portions Copyright [2017-2024] [Payara Foundation and/or its affiliates]
 
 package org.glassfish.admingui.common.util;
 
@@ -190,12 +190,12 @@ public static Map<String, Object> restRequest(String endpoint, Map<String, Objec
         Logger logger = GuiUtil.getLogger();
         if (logger.isLoggable(Level.FINEST)) {
             Map<String, Object> maskedAttr = maskOffPassword(attrs);
-            logger.log(Level.FINEST,
-                       GuiUtil.getCommonMessage("LOG_REST_REQUEST_INFO",
-                                                new Object[]{
-                        endpoint,
-                        (useData && "post".equals(method)) ? data : attrs, method
-                    }));
+            logger.log(Level.FINEST, GuiUtil.getCommonMessage("LOG_REST_REQUEST_INFO",
+                new Object[]{
+                    endpoint,
+                    (useData && "post".equals(method)) ? data : maskedAttr, method
+                })
+            );
         }
 
         // Execute the request...