[ https://issues.apache.org/jira/browse/DELTASPIKE-382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13684702#comment-13684702 ]
Gerhard Petracek commented on DELTASPIKE-382: --------------------------------------------- to summarize it: #1 i don't agree with masking values for the access via a single ds-api (because it needs to be solved on a different level) #2 i agree that we can improve the current default handling #3 i agree that it should be possible to avoid logging in some cases/stages/... (without agreeing with the password use-case -> i don't agree with the title of this ticket and the initially used use-case) #4 if someone uses it for use-cases not everybody here agrees with, they are responsible for it (but imo we shouldn't actively support/document it) > mask out passwords and other credentials > ---------------------------------------- > > Key: DELTASPIKE-382 > URL: https://issues.apache.org/jira/browse/DELTASPIKE-382 > Project: DeltaSpike > Issue Type: New Feature > Components: Configuration > Affects Versions: 0.4 > Reporter: Mark Struberg > Assignee: Mark Struberg > Fix For: 0.5 > > > Our configuration mechanism currently logs all the configured values. > This makes it hard to use it for passwords and stuff. > I suggest we introduce some specific prefix property to configure configs > which contain sensitive information. > For the key 'some.random.password' this could look like: > deltaspike_config.mask.some.random.password=true > In the log we would in this case just output the information whether and > where we did find some value, but not print the details for all configs which > start with all of the configured masks. > I'm not yet sure though how to configure this best. Suggestions appreciated! -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira