Is there a recommended way to log incoming/outgoing messages without revealing the user credential?

We are using decodeToXml() to print out the messages in the log file. However, certain messages do contain user credential information, like a password, which must not be logged due to security rules. I'm wondering if there's a recommended way to work around this problem, as it looks to me that it is such a common question. Certainly one way is to decode the messages and format/print them out ourselves, but hopefully there's a simpler way.

Best Answer

  • wasin.w (admin)

    Hello Thanawat,

    This issue has been fixed in the Elektron SDK 1.0.3. I suggest you upgrade the API to the latest version.

    Best regards,

    Wasin W.

Answers

  • One would have to alter the design such that the credentials are in a message envelope and then decodeToXml() can be called on the embedded data set only.

    An alternative solution is to only tag the credentials after logging the message on output, and after clearing the credentials on input.

    It is not common to have passwords on a TREP system; TREP itself with DACS enabled is usually only a login name.

  • How has this been fixed? Elektron SDK 1.0.3 is not available yet.

  • It is available here. It removes the password from the output of the toString helpers on the RDMLogin Admin domain helper classes.
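
For SDK versions where the XML dump still contains the password, one option is to mask it in the string returned by decodeToXml() before it reaches the log. The Java class below is an added example, not code from this thread or from the Elektron SDK; the `elementEntry` layout with `name` and `data` attributes, the entry name `Password` and the class name `XmlLogRedactor` are assumptions, and the sample dump is constructed.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class XmlLogRedactor {
    static final String MASK = "***";
    static final String SUPPRESSED = "<!-- message suppressed: credential could not be masked -->";
    // One XML tag; quoted attribute values may contain '>'. Possessive quantifiers avoid backtracking.
    static final Pattern TAG = Pattern.compile("<(?:[^<>\"']++|\"[^\"]*+\"|'[^']*+')*+>");
    // Assumption: the credential entry is identified by name="Password" (any case, either quote style).
    static final Pattern SENSITIVE =
        Pattern.compile("\\bname\\s*=\\s*([\"'])password\\1", Pattern.CASE_INSENSITIVE);
    // The value attribute of an entry; "dataType=" does not match because '=' must follow "data".
    static final Pattern DATA = Pattern.compile("\\bdata(\\s*=\\s*)(?:\"[^\"]*\"|'[^']*')");

    /** Returns xml with the data attribute of every Password entry masked, or SUPPRESSED if unsure. */
    public static String redact(String xml) {
        int expected = 0;
        for (Matcher s = SENSITIVE.matcher(xml); s.find(); ) expected++;
        int masked = 0;
        StringBuffer out = new StringBuffer();
        Matcher m = TAG.matcher(xml);
        while (m.find()) {
            String tag = m.group();
            if (SENSITIVE.matcher(tag).find() && DATA.matcher(tag).find()) {
                tag = DATA.matcher(tag).replaceAll("data$1\"" + MASK + "\"");
                masked++;
            }
            m.appendReplacement(out, Matcher.quoteReplacement(tag));
        }
        m.appendTail(out);
        // Fail closed when a Password entry was seen but not masked (e.g. unbalanced quotes).
        return masked == expected ? out.toString() : SUPPRESSED;
    }

    public static void main(String[] args) {
        // Constructed sample, not captured SDK output.
        String dump = "<elementList>\n"
            + "  <elementEntry name=\"ApplicationId\" dataType=\"ASCII_STRING\" data=\"256\"/>\n"
            + "  <elementEntry data=\"s3>cret\" name=\"Password\" dataType=\"ASCII_STRING\"/>\n"
            + "</elementList>";
        System.out.println(redact(dump));
        // A value with an unescaped quote cannot be parsed reliably, so the message is suppressed.
        System.out.println(redact("<elementEntry name=\"Password\" data=\"a\"b\"/>"));
    }
}
```

Call `redact()` at the single point where decoded messages are handed to the logger, so that no code path writes the raw dump.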