From 3c187db4c3a017381f879f43a653d5c66ba20657 Mon Sep 17 00:00:00 2001
From: Selvaraj <bselvara@visa.com>
Date: Thu, 25 Oct 2018 09:41:31 +0530
Subject: [PATCH] Updating README with Sensitive Logger configuration

---
 README.md | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/README.md b/README.md
index 63e5b55a..b9d3c3b0 100644
--- a/README.md
+++ b/README.md
@@ -114,6 +114,36 @@ To create the javadocs...
 ### Testing Guide
 For additional help in testing your own code, Authorize.Net maintains a [comprehensive testing guide](http://developer.authorize.net/hello_world/testing_guide/) that includes test credit card numbers to use and special triggers to generate certain responses from the sandbox environment.
 
+## Logging Sensitive Data 
+ 
+The Authorize.Net Java SDK uses Log4J framework for logging purposes and it can be enabled by keeping a configuration file `Log4j.properties` in the resources folder of the application. A sample [Log4.properties](https://github.com/AuthorizeNet/sdk-java/blob/master/resources/log4j.properties) file has been provided as a reference.  
+ 
+The possible log levels are `DEBUG, INFO, WARN, ERROR` and `FATAL`.  There is a new pattern layout introduced to mask sensitive data while logging and can be used with the application by providing the following configurations in the `Log4j.properties` file:   
+ 
+``` 
+// Default configuration which logs the entries in clear text 
+
+log4j.appender.S.layout = org.apache.log4j.PatternLayout 
+log4j.appender.R.layout = org.apache.log4j.PatternLayout 
+ 
+// Configuration which masks the sensitive data in the log entries 
+
+log4j.appender.S.layout = net.authorize.util.SensitiveFilterLayout 
+log4j.appender.R.layout = net.authorize.util.SensitiveFilterLayout 
+
+``` 
+ 
+By default the logger comes with two appenders i.e **console** and **file transport**.  
+ 
+The list of sensitive fields which can be masked during logging are: 
+* Card Number, 
+* Card Code, 
+* Expiration Date,  
+* Name on Account,  
+* Transaction Key, and  
+* Account Number.  
+ 
+There is also a list of regular expressions which the sensitive logger uses to mask credit card numbers while logging.  Further information on the sensitive data logging and regular expressions can be found at this [location](https://github.com/AuthorizeNet/sdk-java/blob/master/resources/AuthorizedNetSensitiveTagsConfig.json). 
 
 ## License
 This repository is distributed under a proprietary license. See the provided [`LICENSE.txt`](/LICENSE.txt) file.
\ No newline at end of file

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/AuthorizeNet/sdk-java/pull/151.patch" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/AuthorizeNet/sdk-java/pull/151.patch" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/AuthorizeNet/sdk-java/pull/151.patch" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/AuthorizeNet/sdk-java/pull/151.patch" target="_blank">pFad v4 Proxy</a></p></body>
</html>