[cas-dev] Logging in CAS4
Howard Gilbert
Howard.Gilbert at yale.edu
Mon Feb 2 16:08:59 EST 2009
Except that Credentials should never be logged, or if there are loggable
credentials (X509) then there should be a subtype of (maybe)
LoggableCredentials with a getLogData() method that allows a Credentials
object to provide safe log data. Yes I know that the current Credentials
objects like UsernamePasswordCredentials have toString() methods that don't
expose the password, but it is only a convention that logging necessarily
generates a character file by toString(). In the abstract, a Log4J appender
can append raw objects to a file, and it just happens that the most commonly
used log files turn everything into text. Even if the core credential
objects try to be safe, we should use a belt and suspenders on this one and
never pass credential objects to anything, even a logger, but only pass
sanitized objects that the Credentials object tells us are safe.
As a fallback, log credential.toString() and not credential itself.
From: cas-dev-bounces at tp.its.yale.edu
[mailto:cas-dev-bounces at tp.its.yale.edu] On Behalf Of Scott Battaglia
Sent: Monday, February 02, 2009 11:21 AM
To: Mailing list for CAS developers
Subject: Re: [cas-dev] Logging in CAS4
Thanks!
So it looks like at the INFO level, we should be logging all the interface
calls for CentralAuthenticationService (and the params, return values).
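The belt-and-suspenders design sketched in Howard's reply, as an added example (not CAS code and not anything from the cas-dev thread): a LoggableCredentials subtype with a getLogData() method, a log-safe value object, and a single choke point that is the only thing ever handed to a logger. Every class and method name below is hypothetical, the Credentials marker interface stands in for CAS's own, and java.util.logging is used only so the example runs on a bare JDK.

```java
import java.util.Objects;
import java.util.logging.Logger;

/**
 * Added example (not CAS code): credentials never reach a logger directly;
 * only the sanitized object they vouch for does. All names are hypothetical.
 */
public final class CredentialLogging {

    /** Marker interface standing in for CAS's Credentials (hypothetical). */
    interface Credentials {}

    /** Credentials that can describe themselves safely for logging. */
    interface LoggableCredentials extends Credentials {
        /** Returns an object containing only data that is safe to write to any appender. */
        Object getLogData();
    }

    /** Immutable, log-safe view of credentials: the only thing an appender may see. */
    static final class CredentialLogData {
        private final String type;
        private final String principalHint;

        CredentialLogData(String type, String principalHint) {
            this.type = Objects.requireNonNull(type);
            this.principalHint = Objects.requireNonNull(principalHint);
        }

        String getType() { return type; }
        String getPrincipalHint() { return principalHint; }

        @Override
        public String toString() { return type + "[" + principalHint + "]"; }
    }

    static final class UsernamePasswordCredentials implements LoggableCredentials {
        private final String username;
        private final char[] password;

        UsernamePasswordCredentials(String username, char[] password) {
            this.username = username;
            this.password = password.clone();
        }

        @Override
        public Object getLogData() {
            // The username is the only field allowed to reach a log; the password never is.
            return new CredentialLogData("UsernamePasswordCredentials", username);
        }

        // Belt: toString() also omits the password, but callers must not rely on this alone.
        @Override
        public String toString() { return "UsernamePasswordCredentials[" + username + "]"; }
    }

    /** A credential type that has not opted in to LoggableCredentials. */
    static final class OpaqueTokenCredentials implements Credentials {
        private final String token;
        OpaqueTokenCredentials(String token) { this.token = token; }

        // Falls back to the toString() convention, so it must redact on its own.
        @Override
        public String toString() { return "OpaqueTokenCredentials[redacted]"; }
    }

    /**
     * Suspenders: the single choke point for anything credential-related that
     * goes to a logger. Never returns the credential object itself.
     */
    static Object safeLogData(Credentials c) {
        if (c == null) {
            return "null credentials";
        }
        if (c instanceof LoggableCredentials) {
            return ((LoggableCredentials) c).getLogData();
        }
        // Fallback from the message: log credential.toString(), not the credential.
        // A String is inert to appenders; the raw object is not.
        return String.valueOf(c);
    }

    private static final Logger LOG = Logger.getLogger(CredentialLogging.class.getName());

    /** Logs a CentralAuthenticationService-style call without exposing the raw object. */
    static void logAuthenticationAttempt(Credentials c) {
        // WRONG: LOG.log(Level.INFO, "authenticate({0})", c); hands the object to every appender.
        LOG.info("authenticate(" + safeLogData(c) + ")");
    }

    public static void main(String[] args) {
        // Constructed sample inputs; the password and token are throwaway values.
        logAuthenticationAttempt(new UsernamePasswordCredentials("jdoe", "s3cret".toCharArray()));
        logAuthenticationAttempt(new OpaqueTokenCredentials("opaque-token-value"));
        logAuthenticationAttempt(null);
    }
}
```

The point of routing everything through safeLogData() is that the logging statement never has a code path where the Credentials object itself is an argument, so a binary or object-serializing appender has nothing sensitive to pick up regardless of how any toString() behaves.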