Added a static value for the password field to hide it: <KeyValuePair key="password" value="youdidntsaythemagicword"/>
On Monday, October 22, 2018 at 10:02:32 PM UTC-4, JF Poulin wrote: > > Hi Danny. > > Noticing the same thing just now. Any workaround? I'll let you know if I > end up finding one. > > Thanks. > > On Thursday, September 27, 2018 at 4:08:19 PM UTC-4, Danny wrote: >> >> I've been playing around sending logs to a Graylog server using the >> GelfLayout mechanism. It's working...too well. I discovered that the >> login password is being sent into the Graylog server as part of the GELF >> data. If I set the log level at warn, I get nothing at all, but at info, I >> get the password. I've attached the log to several different AsyncLogger >> entries, but cannot find one that doesn't include the password. Am I >> missing something or is this an issue that needs to be fixed. My log files >> just have the message data, but the GELF data seems to include everything >> in the session. >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6fa3815f-692c-457b-a0f9-162e4c072704%40apereo.org.
