[logback-dev] [JIRA] Created: (LBCLASSIC-205) DBAppender logs sensitive properties to the database when using property substitution in the configuration file

Chris Pruett (JIRA) noreply-jira at qos.ch
Tue Apr 27 07:24:16 CEST 2010


DBAppender logs sensitive properties to the database when using property substitution in the configuration file
---------------------------------------------------------------------------------------------------------------

                 Key: LBCLASSIC-205
                 URL: http://jira.qos.ch/browse/LBCLASSIC-205
             Project: logback-classic
          Issue Type: Bug
          Components: appender
    Affects Versions: 0.9.20
            Reporter: Chris Pruett
            Assignee: Logback dev list


Logback's DBAppender logs all properties in its context and MDC to the database. I would like to control which properties are logged, specifically filtering out certain values, but I can't find any options to do so. The documentation is terse:

  The logging_event_property is used to store the keys and values contained in the MDC or the Context

It should be possible to exclude certain properties, especially sensitive properties such as database connection parameters.

Here is an example:

Logback is configured with a DBAppender that loads its properties from vct.properties:

<configuration>
    <property resource="vct.properties" />

    <appender name="DB" class="ch.qos.logback.classic.db.DBAppender">
        <connectionSource class="ch.qos.logback.core.db.DataSourceConnectionSource">
            <dataSource class="com.mchange.v2.c3p0.ComboPooledDataSource">
                <driverClass>com.mysql.jdbc.Driver</driverClass>
                <jdbcUrl>jdbc:mysql://${log.db.host}:${log.db.port}/${log.db.schema}</jdbcUrl>
                <user>${log.db.username}</user>
                <password>${log.db.password}</password>
            </dataSource>
        </connectionSource>
    </appender>

    <root level="DEBUG">
        <appender-ref ref="DB" />
    </root>
</configuration>

vct.properties has the connection settings:

log.db.host=localhost
log.db.port=3306
log.db.schema=logs_development
log.db.username=loguser
log.db.password=logpass

When an event is logged, all of the connection settings are logged:

mysql> select * from logging_event_property where event_id=1;
+----------+---------------------+-------------------------------------------+
| event_id | mapped_key          | mapped_value                              |
+----------+---------------------+-------------------------------------------+
|        1 | log.db.host         | localhost                                 | 
|        1 | log.db.password     | logpass                                   | 
|        1 | log.db.port         | 3306                                      | 
|        1 | log.db.schema       | logs_development                          | 
|        1 | log.db.username     | loguser                                   | 
+----------+---------------------+-------------------------------------------+

Note that this is also documented on Stack Overflow, and logged as a bug per Ceki's request: http://stackoverflow.com/questions/2648267/can-i-prevent-logbacks-dbappender-from-logging-specific-properties/

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.qos.ch/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
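
Added example, not part of the original report and not logback code: an audit of logging_event_property for credentials that have already been written, followed by in-place redaction. It assumes a hypothetical key-name pattern (SENSITIVE_KEY) and uses an in-memory SQLite table as a constructed stand-in for the MySQL table shown in the report.

```python
import re
import sqlite3

# Assumed naming convention for credential-bearing keys; adjust per site.
SENSITIVE_KEY = re.compile(r"(pass(word|wd)?|secret|token|username)$", re.IGNORECASE)
REDACTED = "[REDACTED]"
# Constructed sample: the vct.properties content shown in the report.
VCT_PROPERTIES = """\
log.db.host=localhost
log.db.port=3306
log.db.schema=logs_development
log.db.username=loguser
log.db.password=logpass
"""

def parse_properties(text):
    """Parse simple key=value lines, skipping blanks and # / ! comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props

def find_leaks(conn, props):
    """Return (event_id, mapped_key) for rows with a sensitive key or a known secret value."""
    secrets = {v for k, v in props.items() if SENSITIVE_KEY.search(k)}
    rows = conn.execute(
        "SELECT event_id, mapped_key, mapped_value FROM logging_event_property "
        "ORDER BY event_id, mapped_key")
    return [(e, k) for e, k, v in rows
            if v != REDACTED and (SENSITIVE_KEY.search(k) or v in secrets)]

def redact(conn, leaks):
    """Overwrite leaked values in place; returns the number of rows changed."""
    cur = conn.executemany(
        "UPDATE logging_event_property SET mapped_value=? "
        "WHERE event_id=? AND mapped_key=?", [(REDACTED, e, k) for e, k in leaks])
    conn.commit()
    return cur.rowcount

def sample_db(props):
    """Constructed stand-in for the table in the report: event 1 carries every property."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE logging_event_property "
                 "(event_id INTEGER, mapped_key TEXT, mapped_value TEXT)")
    conn.executemany("INSERT INTO logging_event_property VALUES (1, ?, ?)", props.items())
    return conn
```

The value comparison also catches a secret stored under an unrelated key. Redacting rows does not remove the need to rotate any credential that reached the log database.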

        

