3

I am currently working on an application that uses Apache CXF to make requests to a third party. We need to log every request that is being sent. The issue is, many of these requests contain sensitive data that cannot be logged. The data itself is usually encrypted before being sent, but we can't even log the encrypted value.

A super easy solution would be to create a "blacklist" of fields that shouldn't be logged. The problem with this is it is easy to miss a field in a constantly growing application.

What I want to do is figure out a way to "whitelist" fields that should be logged.

It seems complicated, but I can't be the only person that has ever needed to do this.

mad_fox
  • So you want to log the request before it is encrypted, removing the sensitive fields? Could you annotate each field to hide and then use a custom serializer? – pedrofb Jan 09 '17 at 20:46
  • The field values are encrypted, not the entire request, so the logging would generally take place after the fields have already been encrypted. We can't annotate the classes because we receive the wsdl from the third party. Every time we regenerate the classes, we would have to go back and add the logging annotations to the classes again. – mad_fox Jan 09 '17 at 20:56
  • Then a whitelist seems an acceptable choice. A blacklist is risky because it is difficult to build the word set and the wsdl provider can change names that could skip the control. Maybe you can set an interceptor after encryption to leave blank the fields not present in the whitelist – pedrofb Jan 09 '17 at 21:11
  • The value is already encrypted when it is set in the object that will be serialized. Not all values are actually always encrypted, most of them are. – mad_fox Jan 09 '17 at 21:58
  • Since I had limited fields I used blacklisting, here is the link for the answer I had given a few years back. http://stackoverflow.com/questions/23212313/cxf-logging-request-response-with-content-filtering/23214151#23214151 Though it might not be efficient, it covers all the cases of soap fields. One improvement I can think of is to move the keys to field level and set the fields while you create the bean. Maybe you can change it to whitelisting by applying a not condition. – Karthik Prasad Jan 10 '17 at 07:05
  • @mad_fox I believe from a performance perspective a blacklist is better than a whitelist, as the number of whitelisted fields would be large enough – Karthik Prasad Jan 17 '17 at 07:06

1 Answer

0

I've written a tool which allows for anonymization / subtree removal based on a subset of XPath expressions. I guess a more advanced approach would use a SAX filter.

ThomasRS
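The whitelist approach discussed in the question's comments, and the path-based masking the answer alludes to, can be done on the raw SOAP XML with nothing but the JDK's DOM API, which keeps it independent of the JAXB classes that get regenerated from the third party's WSDL. The example below is added here and is not code from the question, the comments, or ThomasRS's tool. Every element text and attribute whose local-name path is not on the allow list is replaced with `***`, so a field that appears in a regenerated WSDL is hidden by default, which is exactly the failure mode a blacklist cannot cover. The sample request, the `urn:example:payments` namespace and all of its element names are constructed for illustration; the `WhitelistMasker` class and its path syntax are this example's own invention.

```java
import java.io.StringReader;
import java.io.StringWriter;
import java.util.ArrayDeque;
import java.util.Deque;
import java.util.HashSet;
import java.util.Set;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/** Whitelist masking of a SOAP payload before logging: anything not explicitly allowed is masked. */
public final class WhitelistMasker {

    private static final String MASK = "***";

    /** Allowed paths: slash-separated local names from the Envelope root; "/@name" selects an attribute. */
    private final Set<String> allowedPaths;

    public WhitelistMasker(Set<String> allowedPaths) {
        this.allowedPaths = new HashSet<>(allowedPaths);
    }

    /** Returns a copy of the XML where every text value and attribute not on the whitelist is MASK. */
    public String mask(String xml) throws Exception {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);
        // No DTDs, no entity expansion: the logger must not become an XXE or entity-bomb sink.
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        factory.setExpandEntityReferences(false);
        Document doc = factory.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));
        maskElement(doc.getDocumentElement(), new ArrayDeque<>());
        return serialize(doc);
    }

    private void maskElement(Element element, Deque<String> path) {
        path.addLast(element.getLocalName());          // prefixes are ignored; the third party may change them
        String current = String.join("/", path);

        NodeList children = element.getChildNodes();
        for (int i = 0; i < children.getLength(); i++) {
            Node child = children.item(i);
            if (child.getNodeType() == Node.ELEMENT_NODE) {
                maskElement((Element) child, path);     // structure is kept, values are not
            } else if ((child.getNodeType() == Node.TEXT_NODE || child.getNodeType() == Node.CDATA_SECTION_NODE)
                    && !child.getNodeValue().trim().isEmpty()
                    && !allowedPaths.contains(current)) {
                child.setNodeValue(MASK);
            }
        }

        // Attributes carry values too: keep namespace declarations, mask everything else not allowed.
        NamedNodeMap attrs = element.getAttributes();
        for (int i = 0; i < attrs.getLength(); i++) {
            Attr attr = (Attr) attrs.item(i);
            if (XMLConstants.XMLNS_ATTRIBUTE_NS_URI.equals(attr.getNamespaceURI())) {
                continue;
            }
            if (!allowedPaths.contains(current + "/@" + attr.getLocalName())) {
                attr.setValue(MASK);
            }
        }
        path.removeLast();
    }

    private static String serialize(Document doc) throws Exception {
        TransformerFactory tf = TransformerFactory.newInstance();
        tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        Transformer t = tf.newTransformer();
        t.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
        StringWriter out = new StringWriter();
        t.transform(new DOMSource(doc), new StreamResult(out));
        return out.toString();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample request; the "urn:example:payments" service and its fields are hypothetical.
        String request =
                "<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\""
              + " xmlns:p=\"urn:example:payments\">"
              + "<soap:Body><p:SubmitPayment>"
              + "<p:MerchantId>merchant-42</p:MerchantId>"
              + "<p:Amount currency=\"USD\">100.00</p:Amount>"
              + "<p:CardNumber>ENC(AQIDBAUGBwgJ)</p:CardNumber>"      // encrypted, still must not be logged
              + "<p:AddedInNewWsdl>secret</p:AddedInNewWsdl>"        // nobody updated any list for this one
              + "</p:SubmitPayment></soap:Body></soap:Envelope>";

        Set<String> allowed = Set.of(
                "Envelope/Body/SubmitPayment/MerchantId",
                "Envelope/Body/SubmitPayment/Amount",
                "Envelope/Body/SubmitPayment/Amount/@currency");

        // CardNumber and AddedInNewWsdl come out as ***; MerchantId, Amount and currency are kept.
        System.out.println(new WhitelistMasker(allowed).mask(request));
    }
}
```

Call `mask` wherever your logging interceptor has the outbound payload as a string, before it is handed to the logger. The check is on the full path rather than the element name, so a `Name` under one operation can be allowed while a `Name` under another stays masked. The cost, as the comments point out, is an allow list that grows with the WSDL; the benefit is that an unlisted field fails closed rather than leaking.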