Closed vahidhedayati closed 10 years ago
Ok I have fixed the problem but I have now ended up with 2 sets of logs - the actual issue of logging passwords fixed though ---
2014-04-23 14:50:56,148 [ajp-bio-8009-exec-1] INFO kickstart.KickstartFilters - Controller.browse: [action:browse, controller:Controller] 2014-04-23 14:50:56,150 [ajp-bio-8009-exec-1] INFO kickstart.KportalFilters - Controller.browse: [action:browse, controller:Controller]
for each transaction:
The fix so far:
resources.groovy: import kickstart.KickstartFilters beans = { MyAppFilters(KickstartFilters) { } } in conf/kickstart/MyAppFilters.groovy
package kickstart
class MyAppFilters extends KickstartFilters {
def filters = {
kickstartLogger() {
before = {
// Small "logging" filter for controller & actions
if (log.infoEnabled) {
if (!params.password ) {
log.info(!params.controller ? '/: ' + params : params.controller +"."+(params.action ?: "index")+": "+params)
}else{
log.info (params.controller+","+params.action+":"+params?.username)
}
}
}
}
}
}
I think I will now ask about this on the grails forum.. to see if there is any way of stopping duplication
The fix was to add below to my log4j configuration within Config.groovy: off "grails.app.filters.kickstart.KickstartFilters"
Hi I am using
kickstart-with-bootstrap:1.0.0
This puts a a kickstartFilters file within the plugin, I have customised apache-shiro and when a user authenticates it shows the password within the logs, my initial attempt was to update the KickstartFilters file within the plugin, but upon a refresh of plugins etc I lost the filter
I have tried extending the filter
Even an entry in config.groovy to stop logging kickstart (although this may be wrong)
Just wondered if this is a known issue and has any good work arounds