What you describe is going a bit in opposite directions, enable trace
logging to show everything and then have a policy to not show it.
If that situation is unavoidable somehow, I would do it right the first
time and encrypt the soap body.
My next choice would be to solve this at the logging leve
Hi Robert,
But the question is, suppose some one did the log chaking with trace/debug
level intentionally.then do we have any preventive measure to avoid it?
Or it is the issue with Third party Axis2 jar which is displaying the
password ?
Best regards,
Pavan landge
On Wed 19 Jun, 2019, 8:49 PM
On Tue, Jun 18, 2019 at 9:28 PM pavan landge
wrote:
>
>
> -- Forwarded message -
> From: pavan landge
> Date: Thu 13 Jun, 2019, 3:30 PM
> Subject: Axis2: Security Bug Severity 1
> To:
> Cc: pavan landge
>
>
> Hi Team,
>
> I am using Axis2 jar for SAOP (Request/Response). In log
