[jboss-dev-forums] [Design of POJO Server] - Re: Masking passwords in logs
adrian@jboss.org
do-not-reply at jboss.com
Fri Oct 10 11:30:23 EDT 2008
Why doesn't this solve the problem?
http://www.jboss.org/community/docs/DOC-9350
http://www.jboss.org/community/docs/DOC-9703
Even if you mask the password in the log, if it is an MBean attribute, it will
be visible via JMX (and the user has access).
Additionally since we recommend changing the log level to INFO
for production anyway, none of this will appear in the log.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4181548#4181548
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4181548
More information about the jboss-dev-forums
mailing list