[jira] Commented: (TAPESTRY-2477) Method logging code should recognize an @Password annotation and obscure the output written to the log

Robert Zeigler (JIRA) Tue, 24 Jun 2008 12:30:01 -0700

    [ 
https://issues.apache.org/jira/browse/TAPESTRY-2477?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12607733#action_12607733
 ]


Robert Zeigler commented on TAPESTRY-2477:
------------------------------------------

What about "Obfuscate" of "Obfuscated"?



> Method logging code should recognize an @Password annotation and obscure the 
> output written to the log
> ------------------------------------------------------------------------------------------------------
>
>                 Key: TAPESTRY-2477
>                 URL: https://issues.apache.org/jira/browse/TAPESTRY-2477
>             Project: Tapestry
>          Issue Type: Improvement
>          Components: tapestry-ioc
>    Affects Versions: 5.0.13
>            Reporter: Howard M. Lewis Ship
>            Priority: Minor
>
> Currently, log output may include plaintext passwords (or other secure data). 
>  I nice solution might be to mark parameters (or the method itself,i.e., the 
> return value) as @Password (or something similar) to clue in the logging code 
> that the parameter in question should be written out as a series of asterisks 
> or otherwise obscured.
> @Secure is already taken; @SecureData, @NotForPryingEyes, @ObscureInOutput, 
> something similar?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[jira] Commented: (TAPESTRY-2477) Method logging code should recognize an @Password annotation and obscure the output written to the log

Reply via email to