You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@directory.apache.org by Maxim Solodovnik <so...@gmail.com> on 2014/07/23 15:25:32 UTC
Changing logging level
Hello,
I have successfully integrated Apache directory API into our project
openmeetings.apache.org.
We using logback to configure logging in our project.
User claims in mailing lists and direct emails: LDAP passwords are being
printed to the log in plain text
I have modified logback config: [1] and the issue is not reproducible for
me, but it doesn't help the user.
What else can be checked to investigate/fix this issue?
[
https://svn.apache.org/repos/asf/openmeetings/branches/3.0.x/src/main/webapp/WEB-INF/classes/logback-config.xml
]
--
WBR
Maxim aka solomax
Re: Changing logging level
Posted by Maxim Solodovnik <so...@gmail.com>.
@Michael, can you subscribe to this list and share some logs?
On 23 July 2014 21:07, Emmanuel Lécharny <el...@gmail.com> wrote:
> Le 23/07/2014 15:46, Maxim Solodovnik a écrit :
> > Thanks Kiran! Will try to localize
> In any case, we should *never* log a password.
>
> The only place I can imagine the password will be printed is the BER
> decoding part, where we are printing the PDU we receive from a client,
> while we have no idea about what PDU they are.
>
> If you can get some of the client logs, that could help.
>
>
--
WBR
Maxim aka solomax
Re: Changing logging level
Posted by Emmanuel Lécharny <el...@gmail.com>.
Le 23/07/2014 15:46, Maxim Solodovnik a écrit :
> Thanks Kiran! Will try to localize
In any case, we should *never* log a password.
The only place I can imagine the password will be printed is the BER
decoding part, where we are printing the PDU we receive from a client,
while we have no idea about what PDU they are.
If you can get some of the client logs, that could help.
Re: Changing logging level
Posted by Maxim Solodovnik <so...@gmail.com>.
Thanks Kiran! Will try to localize
On 23 July 2014 20:42, Kiran Ayyagari <ka...@apache.org> wrote:
> On Wed, Jul 23, 2014 at 7:09 PM, Maxim Solodovnik <so...@gmail.com>
> wrote:
>
> > Our user (Michael in CC) changes the level to OFF and still get passwords
> > printed
> >
> looks like a logging configuration issue on his part
>
> > I can't reproduce this, and have no idea what else can I suggest :(
> >
> >
> > On 23 July 2014 20:37, Kiran Ayyagari <ka...@apache.org> wrote:
> >
> > > Hi Maxim,
> > >
> > > I suggest you change the logging level of org.apache.directory to
> WARN
> > > even at INFO level ApacheDS logs a lot of data
> > >
> > >
> > > On Wed, Jul 23, 2014 at 6:55 PM, Maxim Solodovnik <
> solomax666@gmail.com>
> > > wrote:
> > >
> > > > Hello,
> > > >
> > > > I have successfully integrated Apache directory API into our project
> > > > openmeetings.apache.org.
> > > > We using logback to configure logging in our project.
> > > >
> > > > User claims in mailing lists and direct emails: LDAP passwords are
> > being
> > > > printed to the log in plain text
> > > > I have modified logback config: [1] and the issue is not reproducible
> > for
> > > > me, but it doesn't help the user.
> > > > What else can be checked to investigate/fix this issue?
> > > >
> > > >
> > > > [
> > > >
> > > >
> > >
> >
> https://svn.apache.org/repos/asf/openmeetings/branches/3.0.x/src/main/webapp/WEB-INF/classes/logback-config.xml
> > > > ]
> > > > --
> > > > WBR
> > > > Maxim aka solomax
> > > >
> > >
> > >
> > >
> > > --
> > > Kiran Ayyagari
> > > http://keydap.com
> > >
> >
> >
> >
> > --
> > WBR
> > Maxim aka solomax
> >
>
>
>
> --
> Kiran Ayyagari
> http://keydap.com
>
--
WBR
Maxim aka solomax
Re: Changing logging level
Posted by Kiran Ayyagari <ka...@apache.org>.
On Wed, Jul 23, 2014 at 7:09 PM, Maxim Solodovnik <so...@gmail.com>
wrote:
> Our user (Michael in CC) changes the level to OFF and still get passwords
> printed
>
looks like a logging configuration issue on his part
> I can't reproduce this, and have no idea what else can I suggest :(
>
>
> On 23 July 2014 20:37, Kiran Ayyagari <ka...@apache.org> wrote:
>
> > Hi Maxim,
> >
> > I suggest you change the logging level of org.apache.directory to WARN
> > even at INFO level ApacheDS logs a lot of data
> >
> >
> > On Wed, Jul 23, 2014 at 6:55 PM, Maxim Solodovnik <so...@gmail.com>
> > wrote:
> >
> > > Hello,
> > >
> > > I have successfully integrated Apache directory API into our project
> > > openmeetings.apache.org.
> > > We using logback to configure logging in our project.
> > >
> > > User claims in mailing lists and direct emails: LDAP passwords are
> being
> > > printed to the log in plain text
> > > I have modified logback config: [1] and the issue is not reproducible
> for
> > > me, but it doesn't help the user.
> > > What else can be checked to investigate/fix this issue?
> > >
> > >
> > > [
> > >
> > >
> >
> https://svn.apache.org/repos/asf/openmeetings/branches/3.0.x/src/main/webapp/WEB-INF/classes/logback-config.xml
> > > ]
> > > --
> > > WBR
> > > Maxim aka solomax
> > >
> >
> >
> >
> > --
> > Kiran Ayyagari
> > http://keydap.com
> >
>
>
>
> --
> WBR
> Maxim aka solomax
>
--
Kiran Ayyagari
http://keydap.com
Re: Changing logging level
Posted by Maxim Solodovnik <so...@gmail.com>.
Our user (Michael in CC) changes the level to OFF and still get passwords
printed
I can't reproduce this, and have no idea what else can I suggest :(
On 23 July 2014 20:37, Kiran Ayyagari <ka...@apache.org> wrote:
> Hi Maxim,
>
> I suggest you change the logging level of org.apache.directory to WARN
> even at INFO level ApacheDS logs a lot of data
>
>
> On Wed, Jul 23, 2014 at 6:55 PM, Maxim Solodovnik <so...@gmail.com>
> wrote:
>
> > Hello,
> >
> > I have successfully integrated Apache directory API into our project
> > openmeetings.apache.org.
> > We using logback to configure logging in our project.
> >
> > User claims in mailing lists and direct emails: LDAP passwords are being
> > printed to the log in plain text
> > I have modified logback config: [1] and the issue is not reproducible for
> > me, but it doesn't help the user.
> > What else can be checked to investigate/fix this issue?
> >
> >
> > [
> >
> >
> https://svn.apache.org/repos/asf/openmeetings/branches/3.0.x/src/main/webapp/WEB-INF/classes/logback-config.xml
> > ]
> > --
> > WBR
> > Maxim aka solomax
> >
>
>
>
> --
> Kiran Ayyagari
> http://keydap.com
>
--
WBR
Maxim aka solomax
Re: Changing logging level
Posted by Kiran Ayyagari <ka...@apache.org>.
Hi Maxim,
I suggest you change the logging level of org.apache.directory to WARN
even at INFO level ApacheDS logs a lot of data
On Wed, Jul 23, 2014 at 6:55 PM, Maxim Solodovnik <so...@gmail.com>
wrote:
> Hello,
>
> I have successfully integrated Apache directory API into our project
> openmeetings.apache.org.
> We using logback to configure logging in our project.
>
> User claims in mailing lists and direct emails: LDAP passwords are being
> printed to the log in plain text
> I have modified logback config: [1] and the issue is not reproducible for
> me, but it doesn't help the user.
> What else can be checked to investigate/fix this issue?
>
>
> [
>
> https://svn.apache.org/repos/asf/openmeetings/branches/3.0.x/src/main/webapp/WEB-INF/classes/logback-config.xml
> ]
> --
> WBR
> Maxim aka solomax
>
--
Kiran Ayyagari
http://keydap.com