Josh is pointing you in the right direction. You should hash the password. What kind of system is this? Security has to be considered from end to end. Are you communicating between two systems? Who are you worried about calling tostring()?
Chris On Feb 9, 2011, at 6:10 PM, si chen <[email protected]> wrote: > Thanks, Josh. > Generally, is there a way we can control how thrift generate toString > method? > > On Wed, Feb 9, 2011 at 3:04 PM, Joshua Kehn <[email protected]> wrote: > >> My solution would be to not pass a password around in plaintext. >> >> Regards, >> >> -Josh >> ____________________________________ >> Joshua Kehn | [email protected] >> "Wielder of the Programming Broomstick" >> >> On Feb 9, 2011, at 6:03 PM, si chen wrote: >> >>> Hi >>> I am using thrift to pass a struct like below: >>> >>> struct User { >>> 1: string user; >>> 2: string password; >>> } >>> >>> It works as expected, however, the "toString" method generated by thrift >>> always add the password field in plain text, how can I instruct thrift >> NOT >>> to include password field in toString method? I mean, if I log the >> struct, I >>> don't want to see the password being printed to log in plain text. >>> >>> User u; >>> u.setUser("user"); >>> u.setPassword("1234"); >>> log.info(u); >>> >>> Thanks >>> Si >> >>
