[
https://issues.apache.org/jira/browse/JCR-4526?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17025986#comment-17025986
]
Julian Reschke commented on JCR-4526:
-------------------------------------
I can't rule out that auth related exceptions contain user IDs in their
message; nor do I (personally) believe this is a problem. Yes, you need to be
careful *where* to log exceptions, and how long to preserve these logs.
> PII(Personally Identifiable Information) compliance for Exception Logging
> -------------------------------------------------------------------------
>
> Key: JCR-4526
> URL: https://issues.apache.org/jira/browse/JCR-4526
> Project: Jackrabbit Content Repository
> Issue Type: Task
> Reporter: Dipen Sen
> Priority: Blocker
>
> As a developer I want to log full exception stack trace but want to make sure
> they are PII compliant and not logging any personal data.
>
> Please provide any documentation if available to show if full stack trace of
> exceptions can be logged without violating PII compliance.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
