英文:
WSO2 APIM - Remove Authorization header from API LOG
问题
I want to remove from api.log file the authorization header that appears there:
[2022-02-08 15:00:57,703] INFO {API_LOG} pizzashack - {"headers":["accept=application/json",...,"Connection=keep-alive","Host=localhost:8243","authorization=Bearer yJraWQiOiJnYXRld2F5X3g...","Origin=https://localhost:9443"..
I want to delete that token inside authorization header, how can I do it? I have tried with log4j properties adding:
logger.API_LOGGER.property.apim.message = %replace{%msg}{authorization:[^,]*}{"Authorization: Bearer ***"}{}
But it gives me an error when restarting APIM.
英文:
I want to remove from api.log file the authorization header that appears there:
[2022-02-08 15:00:57,703] INFO {API_LOG} pizzashack - {"headers":["accept=application/json",...,"Connection=keep-alive","Host=localhost:8243","authorization=Bearer yJraWQiOiJnYXRld2F5X3g...","Origin=https://localhost:9443"..
I want to delete that token inside authorization header, how can i do it? I have tried with log4jproperties adding:
logger.API_LOGGER.property.apim.message = %replace{%msg}{authorization:[^,]*}{"Authorization: Bearer ***"}{}
But it gives me an error when restarting APIM.
答案1
得分: 0
你可以使用日志屏蔽来完成这个任务[1]。
下面是一个示例配置。
- 在deployment.toml中添加以下JWT的屏蔽正则表达式(请注意,这只是一个示例,你可能需要改进它以仅捕获JWT,)
[masking_pattern.properties]
"JWT" = '\\b([a-zA-Z0-9_=]+)\\.([a-zA-Z0-9_=]+)\\.([a-zA-Z0-9_\\-\\+\\/=]*)\\''
- 通过以下方式更新日志模式来启用API_LOGGER的日志屏蔽。
appender.API_LOGFILE.layout.pattern = [%d] %5p {%c} %X{apiName} - %mm%ex%n
英文:
You should be able to do this using log-masking[1].
A sample config is shown below.
- Add below masking regex for JWT in deployment.toml (Please note this is a sample only, you may have to improve this to only capture JWTs, )
[masking_pattern.properties]
"JWT" = ' \\b([a-zA-Z0-9_=]+)\\.([a-zA-Z0-9_=]+)\\.([a-zA-Z0-9_\\-\\+\\/=]*)\\"'
- Enable log masking for API_LOGGER by updating log pattern as below.
appender.API_LOGFILE.layout.pattern = [%d] %5p {%c} %X{apiName} - %mm%ex%n
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论