owasp-security-logging icon indicating copy to clipboard operation
owasp-security-logging copied to clipboard

Published 20 hours ago verified publisher icon augustd

Support for security logging annotations and aspects

Open javabeanz opened this issue 10 years ago • 4 comments

javabeanz avatar Sep 15 '14 17:09 javabeanz

Hi @javabeanz. Please provide a little more detail for the benefits of logging annotations and aspects so we understand what you propose. So for example, what annotations do you suggest and what do they do? Also for AOP, what aspects should we create and where should they be bound? Thanks. --Milton

spoofzu avatar Feb 16 '18 01:02 spoofzu

all configuration for the securrity logging library now is done now with xml, but it can also be done with annotations. Here is an example of what i mean : https://projectlombok.org/features/log. If you can annotate a property with say @Masked it would only show up in logs as masked value (f.i. last 4 numbers of a credit card). Those are the features i am thinking of.

javabeanz avatar Feb 16 '18 11:02 javabeanz

I like this idea. Developers could annotate properties of their classes and prevent them from being logged incidentally (e.g. if MyBean.toString() is called).

augustd avatar Jan 24 '19 01:01 augustd

I agree, Log and Masked appear beneficial features. It’s tiring to constantly define the same class variable everywhere. I like minimizing broiler-plate code. —Milton

Please excuse if terse. Sent via mobile device.

On Jan 23, 2019, at 17:02, August Detlefsen [email protected] wrote:

I like this idea. Developers could annotate properties of their classes and prevent them from being logged incidentally (e.g. if MyBean.toString() is called).

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.

spoofzu avatar Jan 24 '19 01:01 spoofzu