[NXDRIVE-2828] Remove sensitive information from Drive logs - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 5.4.0
Component/s: Logging

Tags:
- SupCom
- nxdrive
Backlog priority:
800
Sprint:
nxdrive #39, nxdrive #40
Story Points:
5

Description

It appears that credentials and tokens are logged by Nuxeo Drive => this is not essential information for investigation and they should be removed from the logs. Note that a username should be kept, because it may be useful to validate a connection, but not the password.

Maybe other sensitive information should be removed but we'll have to discuss if they are useful for any investigation the Drive team or the Support team could do.

Attachments

Issue Links

depends on

NXDRIVE-2880 Remove message on DEBUG log level

Resolved

is related to

NXDRIVE-2840 Discovery - Remove sensitive information

Resolved

NXPY-248 Remove sensitive information

Resolved

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...

(2 mentioned in)

Options

Sub-Tasks

Test Sensitive information update

Resolved

anroy

Activity

People

Assignee:

Sweta Yadav

Reporter:

Thierry Martins

Participants:

Jenkins, pramkrishnadain, Sweta Yadav, Thierry Martins

Votes:

0 Vote for this issue

Watchers:

5 Start watching this issue

Dates

Created:

2023-03-20 18:50

Updated:

2024-07-25 09:37

Resolved:

2023-09-26 07:22