Hiding passwords, sensitive data in logs #45531
-
Hi, we need to hide the password in the logs, specifically for REST requests.
It would be better if the log looked like this: username=admin&password=****** How to modify the logs on the fly ? |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 1 reply
-
I've done it with a JUL filter;
Filter being a then as early as you can you register it; (my case is in a
When you override the isLoggable method, you have access to the |
Beta Was this translation helpful? Give feedback.
-
Tanks for this answer, I used the annotation This work perfectly. |
Beta Was this translation helpful? Give feedback.
I've done it with a JUL filter;
public class RestClientFilter implements Filter {
Filter being a
java.util.logging.Filter;
then as early as you can you register it; (my case is in a
@Startup
beanLogger.getLogger("org.jboss.resteasy.reactive.client.logging.DefaultClientLogger").setFilter(new RestClientFilter());
When you override the isLoggable method, you have access to the
LogRecord
and you can modify the log as you wish. It gets dirty a bit quick, and it will rely on some "internals" that may break over time, in my case it never broke. Example parameter order in the log line for different http method / logger invocation