Skip to content

Hiding passwords, sensitive data in logs #45531

Answered by manofthepeace
magori asked this question in Q&A

You must be logged in to vote

I've done it with a JUL filter;

public class RestClientFilter implements Filter {

Filter being a java.util.logging.Filter;

then as early as you can you register it; (my case is in a @Startup bean

Logger.getLogger("org.jboss.resteasy.reactive.client.logging.DefaultClientLogger").setFilter(new RestClientFilter());

When you override the isLoggable method, you have access to the LogRecord and you can modify the log as you wish. It gets dirty a bit quick, and it will rely on some "internals" that may break over time, in my case it never broke. Example parameter order in the log line for different http method / logger invocation

Replies: 2 comments 1 reply

You must be logged in to vote
0 replies
Answer selected by magori

You must be logged in to vote
1 reply
@manofthepeace

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants