We've been using the sensitive annotation attribute for password values. This way they aren't logged when the status logger is at debug.
On 30 December 2016 at 15:59, Gary Gregory <garydgreg...@gmail.com> wrote: > Do we need a PluginPasswordAttribute? > > Gary > > ---------- Forwarded message ---------- > From: <mattsic...@apache.org> > Date: Fri, Dec 30, 2016 at 1:56 PM > Subject: [2/3] logging-log4j2 git commit: Specify sensitivity property for > password attributes > To: comm...@logging.apache.org > > > Specify sensitivity property for password attributes > > > Project: http://git-wip-us.apache.org/repos/asf/logging-log4j2/repo > Commit: http://git-wip-us.apache.org/repos/asf/logging-log4j2/commit > /b1fa463b > Tree: http://git-wip-us.apache.org/repos/asf/logging-log4j2/tree/b1fa463b > Diff: http://git-wip-us.apache.org/repos/asf/logging-log4j2/diff/b1fa463b > > Branch: refs/heads/master > Commit: b1fa463b55becf49572b6b4c4f030a88dae68640 > Parents: a890c78 > Author: Matt Sicker <matt.sic...@spr.com> > Authored: Fri Dec 30 15:55:37 2016 -0600 > Committer: Matt Sicker <matt.sic...@spr.com> > Committed: Fri Dec 30 15:55:37 2016 -0600 > > ---------------------------------------------------------------------- > .../apache/logging/log4j/core/net/ssl/KeyStoreConfiguration.java | 2 +- > .../apache/logging/log4j/core/net/ssl/TrustStoreConfiguration.java | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > ---------------------------------------------------------------------- > > > http://git-wip-us.apache.org/repos/asf/logging-log4j2/blob/b > 1fa463b/log4j-core/src/main/java/org/apache/logging/log4j/co > re/net/ssl/KeyStoreConfiguration.java > ---------------------------------------------------------------------- > diff --git a/log4j-core/src/main/java/org/apache/logging/log4j/core/net > /ssl/KeyStoreConfiguration.java b/log4j-core/src/main/java/org > /apache/logging/log4j/core/net/ssl/KeyStoreConfiguration.java > index b0a6226..db844c7 100644 > --- a/log4j-core/src/main/java/org/apache/logging/log4j/core/net > /ssl/KeyStoreConfiguration.java > +++ b/log4j-core/src/main/java/org/apache/logging/log4j/core/net > /ssl/KeyStoreConfiguration.java > @@ -64,7 +64,7 @@ public class KeyStoreConfiguration extends > AbstractKeyStoreConfiguration { > public static KeyStoreConfiguration createKeyStoreConfiguration( > // @formatter:off > @PluginAttribute("location") final String location, > - @PluginAttribute("password") final String password, > + @PluginAttribute(value = "password", sensitive = true) final > String password, > @PluginAttribute("type") final String keyStoreType, > @PluginAttribute("keyManagerFactoryAlgorithm") final String > keyManagerFactoryAlgorithm) throws StoreConfigurationException { > // @formatter:on > > http://git-wip-us.apache.org/repos/asf/logging-log4j2/blob/b > 1fa463b/log4j-core/src/main/java/org/apache/logging/log4j/co > re/net/ssl/TrustStoreConfiguration.java > ---------------------------------------------------------------------- > diff --git a/log4j-core/src/main/java/org/apache/logging/log4j/core/net > /ssl/TrustStoreConfiguration.java b/log4j-core/src/main/java/org > /apache/logging/log4j/core/net/ssl/TrustStoreConfiguration.java > index a3c9bf8..839365b 100644 > --- a/log4j-core/src/main/java/org/apache/logging/log4j/core/net > /ssl/TrustStoreConfiguration.java > +++ b/log4j-core/src/main/java/org/apache/logging/log4j/core/net > /ssl/TrustStoreConfiguration.java > @@ -59,7 +59,7 @@ public class TrustStoreConfiguration extends > AbstractKeyStoreConfiguration { > public static TrustStoreConfiguration createKeyStoreConfiguration( > // @formatter:off > @PluginAttribute("location") final String location, > - @PluginAttribute("password") final String password, > + @PluginAttribute(value = "password", sensitive = true) final > String password, > @PluginAttribute("type") final String keyStoreType, > @PluginAttribute("trustManagerFactoryAlgorithm") final > String trustManagerFactoryAlgorithm) throws StoreConfigurationException { > // @formatter:on > > > > > -- > E-Mail: garydgreg...@gmail.com | ggreg...@apache.org > Java Persistence with Hibernate, Second Edition > <https://www.amazon.com/gp/product/1617290459/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1617290459&linkCode=as2&tag=garygregory-20&linkId=cadb800f39946ec62ea2b1af9fe6a2b8> > > <http:////ir-na.amazon-adsystem.com/e/ir?t=garygregory-20&l=am2&o=1&a=1617290459> > JUnit in Action, Second Edition > <https://www.amazon.com/gp/product/1935182021/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1935182021&linkCode=as2&tag=garygregory-20&linkId=31ecd1f6b6d1eaf8886ac902a24de418%22> > > <http:////ir-na.amazon-adsystem.com/e/ir?t=garygregory-20&l=am2&o=1&a=1935182021> > Spring Batch in Action > <https://www.amazon.com/gp/product/1935182951/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1935182951&linkCode=%7B%7BlinkCode%7D%7D&tag=garygregory-20&linkId=%7B%7Blink_id%7D%7D%22%3ESpring+Batch+in+Action> > <http:////ir-na.amazon-adsystem.com/e/ir?t=garygregory-20&l=am2&o=1&a=1935182951> > Blog: http://garygregory.wordpress.com > Home: http://garygregory.com/ > Tweet! http://twitter.com/GaryGregory > -- Matt Sicker <boa...@gmail.com>
