Skip to content

Commit d489904

Browse files
vijayabrajvijayabraj
committed
Updating README about Sensitive Logging in JavaSdk
1 parent 44db5d8 commit d489904

File tree

1 file changed

+28
-0
lines changed

1 file changed

+28
-0
lines changed

README.md

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -114,6 +114,34 @@ To create the javadocs...
114114
### Testing Guide
115115
For additional help in testing your own code, Authorize.Net maintains a [comprehensive testing guide](http://developer.authorize.net/hello_world/testing_guide/) that includes test credit card numbers to use and special triggers to generate certain responses from the sandbox environment.
116116

117+
## Logging Sensitive Data
118+
The Authorize.Net Java SDK uses Log4J framework for logging purposes and it can be enabled by keeping a configuration file `Log4j.properties` in the resources folder of the application. A sample [Log4.properties](https://github.com/AuthorizeNet/sdk-java/blob/master/resources/log4j.properties) file has been provided as a reference.
119+
120+
The possible log levels are `DEBUG, INFO, WARN, ERROR` and `FATAL`.
121+
122+
There is a new pattern layout introduced to mask sensitive data while logging and can be used with the application by providing the following configurations in the `Log4j.properties` file:
123+
```
124+
// Default configuration which logs the entries in clear text
125+
log4j.appender.S.layout = org.apache.log4j.PatternLayout
126+
log4j.appender.R.layout = org.apache.log4j.PatternLayout
127+
128+
// Configuration which masks the sensitive data in the log entries
129+
log4j.appender.S.layout = net.authorize.util.SensitiveFilterLayout
130+
log4j.appender.R.layout = net.authorize.util.SensitiveFilterLayout
131+
```
132+
By default the logger comes with two appenders i.e **console** and **file transport**.
133+
134+
The list of sensitive fields which can be masked during logging are:
135+
* Card Number,
136+
* Card Code,
137+
* Expiration Date,
138+
* Name on Account,
139+
* Transaction Key, and
140+
* Account Number.
141+
142+
There is also a list of regular expressions which the sensitive logger uses to mask credit card numbers while logging.
143+
144+
Further information on the sensitive data logging and regular expressions can be found at this [location](https://github.com/AuthorizeNet/sdk-java/blob/master/resources/AuthorizedNetSensitiveTagsConfig.json).
117145

118146
## License
119147
This repository is distributed under a proprietary license. See the provided [`LICENSE.txt`](/LICENSE.txt) file.

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy