You could use a filter to surpress the message any message that has "password" in it.
On 10/15/07, John Smith <[EMAIL PROTECTED]> wrote: > Hi, > Is there any way to suppress passwords' display in the log files? > I am concerned that log files will be accessible to various users on > the server, disclosing the application passwords to them. > > Is there some way to filter the passwords before they are committed to > the log file? > > Thanks, > John > > > (2007-10-12 02:02:23,451) 1140750 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.jasper.servlet.JspServlet:259 - password = > TESTPASSWORD > > (2007-10-12 02:02:23,452) 1140751 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.jasper.servlet.JspServlet:259 - Submit = Go > > (2007-10-12 02:02:23,452) 1140751 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.jasper.servlet.JspServlet:259 - redirectURL > = > > (2007-10-12 02:02:23,453) 1140752 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.jasper.servlet.JspServlet:259 - username = > TESTUSERNAME > > (2007-10-12 02:02:23,455) 1140754 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.catalina.core.ApplicationDispatcher:185 - > servletPath=/auth/loginMessage.jsp, pathInfo=null, queryString=null, > name=null > > (2007-10-12 02:02:23,456) 1140755 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.catalina.core.ApplicationDispatcher:562 - Path Based > Include > > (2007-10-12 02:02:23,457) 1140756 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.jasper.servlet.JspServlet:249 - JspEngine --> > /auth/loginMessage.jsp > > (2007-10-12 02:02:23,458) 1140757 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.jasper.servlet.JspServlet:250 - ServletPath: > /auth/loginWarning.jsp > > (2007-10-12 02:02:23,458) 1140757 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.jasper.servlet.JspServlet:251 - PathInfo: > null > > (2007-10-12 02:02:23,459) 1140758 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.jasper.servlet.JspServlet:252 - RealPath: > /opt/jboss-4.2.0.GA/server/storeapp/./deploy/jboss-storeapp.ear/jboss-storeapp.war/auth/loginMessage.jsp > > (2007-10-12 02:02:23,460) 1140759 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.jasper.servlet.JspServlet:253 - RequestURI: > /admin/auth/loginWarning.jsp > > (2007-10-12 02:02:23,461) 1140760 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.jasper.servlet.JspServlet:254 - QueryString: > null > > (2007-10-12 02:02:23,461) 1140760 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.jasper.servlet.JspServlet:255 - Request Params: > > (2007-10-12 02:02:23,462) 1140761 [ajp-0.0.0.0-8100-14] DEBUG > org.apache.jasper.servlet.JspServlet:259 - password = > TESTPASSWORD > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- James A. N. Stauffer http://www.geocities.com/stauffer_james/ Are you good? Take the test at http://www.livingwaters.com/good/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
