You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cocoon.apache.org by Barbara Post <ba...@ifrance.com> on 2002/09/19 18:29:53 UTC

Re: how to prevent logging passwords in request and sessionparams?

second question : yes : see rotation tag in WEB-INF/logkit.xconf.

Babs
----- Original Message ----- 
From: "Timothy Larson" <Td...@ci.canton.oh.us>
To: <co...@xml.apache.org>
Sent: Thursday, September 19, 2002 6:17 PM
Subject: how to prevent logging passwords in request and sessionparams?


How do you prevent logging of passwords held in request parameters
and session attributes?  I do not want to turn off logging completely.

By the way, is there any sort of automated log rotation for cocoon
to prevent the logs getting too big?

Tim



---------------------------------------------------------------------
Please check that your question  has not already been answered in the
FAQ before posting.     <http://xml.apache.org/cocoon/faq/index.html>

To unsubscribe, e-mail:     <co...@xml.apache.org>
For additional commands, e-mail:   <co...@xml.apache.org>



---------------------------------------------------------------------
Please check that your question  has not already been answered in the
FAQ before posting.     <http://xml.apache.org/cocoon/faq/index.html>

To unsubscribe, e-mail:     <co...@xml.apache.org>
For additional commands, e-mail:   <co...@xml.apache.org>

Re: how to prevent logging passwords in request and sessionparams?

Posted by Vadim Gritsenko <va...@verizon.net>.

Barbara Post wrote:

>second question : yes : see rotation tag in WEB-INF/logkit.xconf.
>

First question: use log categories. Change log level for category where 
username/pwd are logged.If this is sitemap component, you can even 
assign it separate log category.

Vadim


>Babs
>----- Original Message ----- 
>From: "Timothy Larson" <Td...@ci.canton.oh.us>
>To: <co...@xml.apache.org>
>Sent: Thursday, September 19, 2002 6:17 PM
>Subject: how to prevent logging passwords in request and sessionparams?
>
>
>How do you prevent logging of passwords held in request parameters
>and session attributes?  I do not want to turn off logging completely.
>
>By the way, is there any sort of automated log rotation for cocoon
>to prevent the logs getting too big?
>
>Tim
>  
>




---------------------------------------------------------------------
Please check that your question  has not already been answered in the
FAQ before posting.     <http://xml.apache.org/cocoon/faq/index.html>

To unsubscribe, e-mail:     <co...@xml.apache.org>
For additional commands, e-mail:   <co...@xml.apache.org>