Skip to content

Commit 859c78a

Browse files
gnongsiegnongsie
authored
Merge pull request AuthorizeNet#151 from vijayabraj/master
Updating README with Sensitive Logger configuration
2 parents 1c4eb3f + 3c187db commit 859c78a

File tree

1 file changed

+30
-0
lines changed

1 file changed

+30
-0
lines changed

README.md

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -114,6 +114,36 @@ To create the javadocs...
114114
### Testing Guide
115115
For additional help in testing your own code, Authorize.Net maintains a [comprehensive testing guide](http://developer.authorize.net/hello_world/testing_guide/) that includes test credit card numbers to use and special triggers to generate certain responses from the sandbox environment.
116116

117+
## Logging Sensitive Data
118+
119+
The Authorize.Net Java SDK uses Log4J framework for logging purposes and it can be enabled by keeping a configuration file `Log4j.properties` in the resources folder of the application. A sample [Log4.properties](https://github.com/AuthorizeNet/sdk-java/blob/master/resources/log4j.properties) file has been provided as a reference.
120+
121+
The possible log levels are `DEBUG, INFO, WARN, ERROR` and `FATAL`. There is a new pattern layout introduced to mask sensitive data while logging and can be used with the application by providing the following configurations in the `Log4j.properties` file:
122+
123+
```
124+
// Default configuration which logs the entries in clear text
125+
126+
log4j.appender.S.layout = org.apache.log4j.PatternLayout
127+
log4j.appender.R.layout = org.apache.log4j.PatternLayout
128+
129+
// Configuration which masks the sensitive data in the log entries
130+
131+
log4j.appender.S.layout = net.authorize.util.SensitiveFilterLayout
132+
log4j.appender.R.layout = net.authorize.util.SensitiveFilterLayout
133+
134+
```
135+
136+
By default the logger comes with two appenders i.e **console** and **file transport**.
137+
138+
The list of sensitive fields which can be masked during logging are:
139+
* Card Number,
140+
* Card Code,
141+
* Expiration Date,
142+
* Name on Account,
143+
* Transaction Key, and
144+
* Account Number.
145+
146+
There is also a list of regular expressions which the sensitive logger uses to mask credit card numbers while logging. Further information on the sensitive data logging and regular expressions can be found at this [location](https://github.com/AuthorizeNet/sdk-java/blob/master/resources/AuthorizedNetSensitiveTagsConfig.json).
117147

118148
## License
119149
This repository is distributed under a proprietary license. See the provided [`LICENSE.txt`](/LICENSE.txt) file.

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy