Hello Shtuthi,
Yeah one is that, which is from the server.xml,
(
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="/
logs"
prefix="localhost_access_log." suffix=".log"
pattern="%h %l %u %t "%r" %s %b" />
)
And the other is the one that is displaying in catalina,
(fineract-provider-log)
(
166270 [http-bio-8443-exec-7] INFO
o.a.f.i.s.f.TenantAwareBasicAuthenticationFilter -
{"startTime":1544448486351,"totalTime":232,"method":"POST","url":"
https://localhost:8443/fineract-provider/api/v1/authentication
","parameters":{"username":["admin"]}}
)
******************************************
My Recommendation is also as follows,
In a system my company is using, the passwords in the xml files are
encrypted. And the system will decrypt them before reading.
I will attach these files on private email for copyright issues, and hope
they will give you ideas on how to construct one for Mifos.
Regards,
Abiy
On Thu, Dec 13, 2018 at 10:05 AM Shruthi M R <
[email protected]> wrote:
>
> Thanks Abiy for bringing this to our attention.
>
> Are you referring the API - POST
> /fineract-provider/api/v1/authentication?username=ABC&password=78loknbj
> HTTP/1.1" 200 353 ?
> being logged in localhost_access_log?
>
> Thank You,
>
> *Shruthi M R*
> Senior Software Engineer - Conflux Technologies
> [email protected] | Skype: Shruthi Rajaram | Mobile:
> +91-8277012716
>
>
> On Tue, Dec 11, 2018 at 6:24 PM Abiy Atsbha <[email protected]> wrote:
>
>> Hi All,
>>
>> How can we hide the username & password that is visible in the
>> localhost_access_log.2018-12-11. log file?
>>
>> The Username and Password is visiblebin the log. Any means to hide this
>> content?
>>
>> Thanks in Advance,
>> Abiy-A
>>
> Mifos-developer mailing list
>> [email protected]
>> Unsubscribe or change settings at:
>> https://lists.sourceforge.net/lists/listinfo/mifos-developer
>
>
_______________________________________________
Mifos-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mifos-users
