如何屏蔽日志中的密码?
[英]How to mask passwords in logs?
问题描述
What is the best approach to hide confidental data, eg passwords into logs. 
隐藏数据的最佳方法是什么,例如将密码隐藏到日志中。
I would like to log body of POST requests, which are send to my Servlet. 我想记录发送到我的Servlet的POST请求的主体。 But logging password isn't a good idea. 但是记录密码并不是一个好主意。 How to mask passwords? 如何屏蔽密码? If the regular expression is the best idea, can you propose some examples? 如果正则表达式是最好的想法,你能提出一些例子吗?
// Example:
password=123456asedqwe -> password=***
bla&password=qweqweqwe -> bla&password=***
password=qweqweqwe&qwe=qwe -> password=***&qwe=qwe
1 个解决方案
解决方案1
11 已采纳 2011-09-08 13:04:24
You can try the following simple regex replacement. 您可以尝试以下简单的正则表达式替换。 It assumes that the password lies between password= and the next & . 它假设密码位于password=和下一个& 。
String s = "password=qweqweqwe&qwe=qwe ";
String maskedPassword = s.replaceAll("password=[^&]*", "password=***");
System.out.println(maskedPassword);
prints: 打印:
password=***&qwe=qwe
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
使用Logback屏蔽密码? - Mask Passwords with Logback?
Java 掩码字符串中的密码 - Java Mask Passwords in String
如何使用星号等在命令行Java程序中屏蔽密码? - How do I mask passwords in a command-line Java program with asterisks or the like?
如何在数据库中存储密码? - how to store passwords in database?
如何使用正则表达式查找密码 - How to find passwords with regex
启用调试日志记录时,apache httpclient以明文形式记录密码 - apache httpclient logs passwords in cleartext when debug logging is turned on
如何安全地在Android上存储密码? - How to safely store passwords on Android?
如何在 Ktor 中散列和验证密码? - How to hash and verify passwords in Ktor?
如何在Java中更改kerberos密码 - How to change kerberos passwords in Java
如何管理Web应用程序中的密码? - How to manage passwords in web applications?
相关标签