Customising log4j logging for sensitive data
Problem description
I have a class which contains sensitive information (Credit card info, phone numbers etc).
I want to be able to pass this class to log4j, but have it obscure certain information.
If I have a class UserInformation which has getPhoneNumber, getCreditCardNumber methods, how would I customise log4j or this class so that it will obscure the numbers correctly?
I want the credit card number to be output as xxxx-xxxx-xxxx-1234 and the phone number to be output as xxxx-xxx-xxx given that these would be 1234-1234-1234-1234 and 1234-567-890.
Thanks
Recommended answer
You could try to implement this by writing a custom log record formatter that obscures those patterns. But I think that is a bit dodgy ... because someone could accidentally or deliberately circumvent this by tweaking the logger configuration files, etc.
I think it would be a better idea to do one of the following, depending on how you are assembling the log messages:
- Change the logger calls in your code to assemble the log messages using alternative getter methods on UserInformation that obscure the sensitive fields.
- Change the toString method on UserInformation to obscure the details.
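
The two options in the list above, combined in one class, as an added example that is not code from the original answer. The `mask` helper and the `getMasked...` method names are assumptions; the output formats are the ones the question asks for.

```java
// Added example: a hypothetical UserInformation that masks itself before any logger sees it.
public final class UserInformation {
    private final String creditCardNumber; // constructed sample: 1234-1234-1234-1234
    private final String phoneNumber;      // constructed sample: 1234-567-890

    public UserInformation(String creditCardNumber, String phoneNumber) {
        this.creditCardNumber = creditCardNumber;
        this.phoneNumber = phoneNumber;
    }

    // Raw getters stay available for business logic; never pass them to a logger.
    public String getCreditCardNumber() { return creditCardNumber; }
    public String getPhoneNumber() { return phoneNumber; }

    // Replaces digits with 'x', keeping separators and the last keepLast digits.
    // Fails closed: a value with keepLast digits or fewer is masked completely.
    static String mask(String value, int keepLast) {
        if (value == null) return "null";
        int digits = 0;
        for (int i = 0; i < value.length(); i++) {
            if (Character.isDigit(value.charAt(i))) digits++;
        }
        int toMask = digits > keepLast ? digits - keepLast : digits;
        StringBuilder out = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            if (Character.isDigit(c) && toMask > 0) { out.append('x'); toMask--; }
            else out.append(c);
        }
        return out.toString();
    }

    // Option 1: alternative getters used when assembling log messages.
    public String getMaskedCreditCardNumber() { return mask(creditCardNumber, 4); }
    public String getMaskedPhoneNumber() { return mask(phoneNumber, 0); }

    // Option 2: toString masks, so logger.info(user) or string concatenation is safe.
    @Override
    public String toString() {
        return "UserInformation[card=" + getMaskedCreditCardNumber()
                + ", phone=" + getMaskedPhoneNumber() + "]";
    }

    public static void main(String[] args) {
        UserInformation user = new UserInformation("1234-1234-1234-1234", "1234-567-890");
        System.out.println(user); // stands in for a log4j call such as logger.info(user)
    }
}
```

Because the masking lives in the class rather than in the logger configuration, a changed appender or layout cannot switch it off.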