You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@karaf.apache.org by "Ina Thiemann (Jira)" <ji...@apache.org> on 2022/04/19 14:59:00 UTC

[jira] [Commented] (KARAF-7423) Add logback configuration option

    [ https://issues.apache.org/jira/browse/KARAF-7423?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17524363#comment-17524363 ] 

Ina Thiemann commented on KARAF-7423:
-------------------------------------

I forgot to comment this earlier. I did start working on a solution to this in my own fork already. I have edited commit comments and branch name to include the issue id and will create a pull request for my solution once it builds successfully on my machine

> Add logback configuration option
> --------------------------------
>
>                 Key: KARAF-7423
>                 URL: https://issues.apache.org/jira/browse/KARAF-7423
>             Project: Karaf
>          Issue Type: Improvement
>            Reporter: Ina Thiemann
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>
> Since the log4j vulnerability of last year we've been having trouble using karaf logging in some systems that exclude vulnerable versions of log4j as a security policy. Even if log4j is not used as a logger, the configuration syntax of it is used, which requires including the log4j jar.
> We would like to have the option of using logback configuration as an added alternative to log4j, so that we can use the logging functionality on secure systems that exclude log4j.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)