Disguise the authorization header in the wso2 logs

flaviostutz / cdk-practical-constructs

A collection of CDK constructs for making the development of AWS based applications easier and safer in a practical way

MIT License

4 stars 2 forks source link

Disguise the authorization header in the wso2 logs #34

Open MarcioMeier opened 1 month ago

MarcioMeier commented 1 month ago

Problem being solved

Currently the wso2 deployment logs are being logged exposing the wso2 authorizatino header. This sensible information should not be exposed in the logs.

Proposal

Obfuscate the authorization header from the wso2 deployment logs