vahidhedayati
commented
10 years ago Ok I have fixed the problem but I have now ended up with 2 sets of logs - the actual issue of logging passwords fixed though ---
2014-04-23 14:50:56,148 [ajp-bio-8009-exec-1] INFO kickstart.KickstartFilters - Controller.browse: [action:browse, controller:Controller] 2014-04-23 14:50:56,150 [ajp-bio-8009-exec-1] INFO kickstart.KportalFilters - Controller.browse: [action:browse, controller:Controller]
for each transaction:
The fix so far:
resources.groovy: import kickstart.KickstartFilters beans = { MyAppFilters(KickstartFilters) { } } in conf/kickstart/MyAppFilters.groovy
package kickstart
class MyAppFilters extends KickstartFilters {
def filters = {
kickstartLogger() {
before = {
// Small "logging" filter for controller & actions
if (log.infoEnabled) {
if (!params.password ) {
log.info(!params.controller ? '/: ' + params : params.controller +"."+(params.action ?: "index")+": "+params)
}else{
log.info (params.controller+","+params.action+":"+params?.username)
}
}
}
}
}
}
I think I will now ask about this on the grails forum.. to see if there is any way of stopping duplication
Hi I am using
kickstart-with-bootstrap:1.0.0
This puts a a kickstartFilters file within the plugin, I have customised apache-shiro and when a user authenticates it shows the password within the logs, my initial attempt was to update the KickstartFilters file within the plugin, but upon a refresh of plugins etc I lost the filter
I have tried extending the filter
Even an entry in config.groovy to stop logging kickstart (although this may be wrong)
Just wondered if this is a known issue and has any good work arounds