Details
-
Fix
-
Status: Released (View Workflow)
-
Minor
-
Resolution: Fixed
-
1.9.11, 1.10.5
-
None
Description
Current Situation
- When JobScheduler writes log4j format log files, at startup JobScheduler also writes the database password with the database connection string and username, see line number 2
INFO [C++] (CppLogger.scala:24) - SCHEDULER-900 Scheduler 1.10.2 is starting with C:/Users/ur/Documents/sos-berlin.com/jobscheduler/scheduler_4102/config/scheduler.xml, pid=1732 INFO [C++] (CppLogger.scala:24) - (Database) SCHEDULER-907 Opening database: jdbc -id=spooler -class=oracle.jdbc.driver.OracleDriver jdbc:oracle:thin:@//8of9:1521/test -user=scheduler -password=scheduler INFO [C++] (CppLogger.scala:24) - (Database) SCHEDULER-807 Using database product Oracle INFO [C++] (CppLogger.scala:24) - SCHEDULER-956 Scheduler expects commands from UDP port 4102 INFO [C++] (CppLogger.scala:24) - SCHEDULER-956 Scheduler expects commands from TCP port 4102 - In scheduler.log file the log message does not include the database password
How to reproduce
- Use the following Log4j properties to configure log4j format logs
- You will find the log in c:/temp/jobscheduler.log (you can change the file name in the file log4j.properties)
log4j.rootCategory=info, SYSLOG log4j.appender.SYSLOG=org.apache.log4j.FileAppender log4j.appender.SYSLOG.File=c:/temp/jobscheduler.log log4j.appender.SYSLOG.layout=org.apache.log4j.PatternLayout log4j.appender.SYSLOG.layout.conversionPattern=%5p [%t] (%F:%L) - %m%n
Desired Behavior
- The log4j format scheduler log file should not include a plain text database password.