As described at http://qpid.apache.org/releases/qpid-jms-0.21.0/docs/index.html#logging, the client uses SLF4J and requires the application provide a binding for it and matching logging implementation then configure it according to its needs. It logs nothing by default unless loaded alongside suitable logging binding and implementation which is configured to output its particular loggers at some level.
In this case, something else in your application is providing an SLF4J binding and logging implementation, which is being configured (or not configured) in such a way as to cause output of the loggers used by the client to at least debug level. This may be Log4J, or something else entirely, you will need to investigate your application to find out what and then change that or configure it appropriately. The proton trace entries you mentioned aren't of a format I recogonise, and the client wont emit proton tracing unless explicitly configured, so I'm a bit confused by that point. We will take a look in terms of improving the rest when loggers are enabled. Robbie On 11 April 2017 at 14:12, Vince Cole <[email protected]> wrote: > When connecting to ActiveMQ via JMS I am using failover and also specifingy > the SSL parameters in the connection URI - as specified @ > https://qpid.apache.org/releases/qpid-jms-0.21.0/docs/index.html > > Questions: > * Is it possible to disable the logging of the JMS connection URI? > * If not, is it possible to mask out the URI's password parameters before > logging? > * Failing that, is it possible to disable ALL logging performed by the > components which identify themselves as 'FailoverProvider' and > 'AmqpProvider' - if so, how? The logging level of my client application > (NiFi) seems to have absolutely zero effect on this. > > I am using NiFi to connect to ActiveMQ, using qpid-jms-client 0.11.1 (with > javax.jms-api 2.0.1) and to do this I have developed a NiFi processor which > uses org.apache.qpid.jms.jndi.JmsInitialContextFactory and > javax.jms.ConnectionFactory (specifying the environment via a Hashtable) in > accordance with the guidance at > https://qpid.apache.org/releases/qpid-jms-0.21.0/docs/index.html > > Note: I cannot use a later version of qpid-jms-client (because later > versions require Java 8, my project is Java 7). > > Observations: > > In the NiFi log, regardless of ActiveMQ's logging level or even if it is > running, I see lots of log entries, emitted from something called > 'AmqpProvider' - they appear there, regardless of NiFi's logging level. > > When the NiFi user stops/starts the processor, the NiFi processor > opens/closes the JMS connection, and this results in: > * an *INFO*-level log entry from 'AmqpProvider' reporting the > "o.a.qpid.jms.sasl.SaslMechanismFinder Best match for SASL auth was > SASL-PLAIN" > * an *INFO*-level log entry from 'FailoverProvider' reporting the connection > either "connected to remote Broker" or "Connection attempt [...] failed". > * a *DEBUG*-level log entry from 'AmqpProvider' reporting that connection > has been opened/closed. > * a *DEBUG*-level log entry from 'FailoverProvider' reporting the connection > is in-progress / being created (Executing Failover task: create) / being > destroyed (Executing Failover task: destroyed) > > There are also periodic entries from 'AmqpProvider' at *DEBUG *level, > stating "proton.trace IN: CH[0] : Empty Frame". > > In ALL of ^these log entries, the JMS connection URI is displayed, in full, > showing all the URI parameters, including those for > transport.keyStorePassword and transport.trustStorePassword, in plaintext. > > I don't want that to happen. If the passwords can be starred out, that would > be good. > > Ideally, I'd also like to be able to switch the logging off as its pretty > chatty, and I really don't want DEBUG level logging happening unless my > client application's logging level is set to DEBUG mode. > > NiFi doesn't seem to use log4j - I can't see how its logging config file can > be modified to set the logging level for 'FailoverProvider' and > 'AmqpProvider'. > > Please help! > > > > -- > View this message in context: > http://qpid.2158936.n2.nabble.com/qpid-jms-client-writing-passwords-to-the-log-tp7662189.html > Sent from the Apache Qpid users mailing list archive at Nabble.com. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
