What is the best approach to hide confidential data, e.g. passwords, in logs?
I would like to log the body of POST requests which are sent to my Servlet. But logging passwords isn't a good idea. How do I mask passwords? If a regular expression is the best idea, can you propose some examples?
// Example:
password=123456asedqwe -> password=***
bla&password=qweqweqwe -> bla&password=***
password=qweqweqwe&qwe=qwe -> password=***&qwe=qwe
You can try the following simple regex replacement. It assumes that the password lies between password= and the next &.
// Everything after "password=" up to the next '&' (or the end of the string) is replaced.
String s = "password=qweqweqwe&qwe=qwe";
String maskedPassword = s.replaceAll("password=[^&]*", "password=***");
System.out.println(maskedPassword);
prints:
password=***&qwe=qwe
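The one-liner above is enough for a single, fixed parameter name, but a servlet log filter usually has to cope with more than that: the parameter may be the first one in the body or come after an '&', it may be spelled Password or pwd, it may be a variant like old_password, and the same endpoint may accept JSON instead of form data. The class below is an added example, not code from the question or the answer, that generalises the answer's regex to those cases. The list of sensitive key names, the class name BodyMasker and the sample bodies are all assumptions made for the example; the sample values are constructed and are not real credentials.

```java
import java.util.Locale;
import java.util.regex.Pattern;

/** Masks sensitive values in a request body before the body is written to a log. */
public final class BodyMasker {

    // Assumed list of sensitive parameter names. Any key that *contains* one of
    // these words (old_password, confirm-password, access_token, ...) is masked too,
    // so an unexpected variant fails closed instead of leaking.
    private static final String KEY = "[\\w-]*(?:password|passwd|pwd|secret|token)[\\w-]*";

    // application/x-www-form-urlencoded: the key must start at the beginning of the
    // body or directly after '&' (group 1), and the value runs to the next '&'.
    // Anchoring on (^|&) is what stops "password=" inside another value from matching.
    private static final Pattern FORM = Pattern.compile("(?i)(^|&)(" + KEY + ")=[^&]*");

    // application/json: "key" : "string value", where the value may contain escaped
    // quotes (\") or escaped backslashes. Only string values are handled here.
    private static final Pattern JSON = Pattern.compile(
            "(?i)\"(" + KEY + ")\"\\s*:\\s*\"(?:\\\\.|[^\"\\\\])*\"");

    private BodyMasker() {}

    /** Masks form-encoded bodies; keeps the original key spelling, replaces the value. */
    public static String maskForm(String body) {
        if (body == null) {
            return null;
        }
        return FORM.matcher(body).replaceAll("$1$2=***");
    }

    /** Masks JSON bodies; keeps the key, replaces the whole string value. */
    public static String maskJson(String body) {
        if (body == null) {
            return null;
        }
        return JSON.matcher(body).replaceAll("\"$1\":\"***\"");
    }

    /** Chooses the masker from the Content-Type header the servlet received. */
    public static String mask(String contentType, String body) {
        if (contentType != null
                && contentType.toLowerCase(Locale.ROOT).startsWith("application/json")) {
            return maskJson(body);
        }
        return maskForm(body);
    }

    public static void main(String[] args) {
        // Constructed sample bodies, including the three from the question.
        String[] forms = {
            "password=123456asedqwe",
            "bla&password=qweqweqwe",
            "password=qweqweqwe&qwe=qwe",
            "user=alice&Password=S%26cret&old_password=keep&token=abc"
        };
        for (String f : forms) {
            System.out.println(f + " -> " + mask("application/x-www-form-urlencoded", f));
        }
        String json = "{\"user\":\"alice\",\"password\":\"p\\\"w&d\",\"note\":\"x\"}";
        System.out.println(json + " -> " + mask("application/json", json));
    }
}
```

Two design points are worth noting. First, the replacement runs on the raw body string rather than on parsed parameters, so a malformed body still gets masked instead of throwing before the log line is built; URL-encoded characters such as %26 inside the value are simply part of the [^&]* run. Second, matching on "contains a sensitive word" is deliberately broad: over-masking a harmless key like haspassword costs nothing in a log, while under-masking a password variant is a credential leak, so the check errs toward masking.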