Skip to content

Commit d489904

Browse files
vijayabrajvijayabraj
committed
Updating README about Sensitive Logging in JavaSdk
1 parent 44db5d8 commit d489904

File tree

1 file changed

+28
-0
lines changed

1 file changed

+28
-0
lines changed

README.md

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -114,6 +114,34 @@ To create the javadocs...
114114
### Testing Guide
115115
For additional help in testing your own code, Authorize.Net maintains a [comprehensive testing guide](http://developer.authorize.net/hello_world/testing_guide/) that includes test credit card numbers to use and special triggers to generate certain responses from the sandbox environment.
116116

117+
## Logging Sensitive Data
118+
The Authorize.Net Java SDK uses Log4J framework for logging purposes and it can be enabled by keeping a configuration file `Log4j.properties` in the resources folder of the application. A sample [Log4.properties](https://github.com/AuthorizeNet/sdk-java/blob/master/resources/log4j.properties) file has been provided as a reference.
119+
120+
The possible log levels are `DEBUG, INFO, WARN, ERROR` and `FATAL`.
121+
122+
There is a new pattern layout introduced to mask sensitive data while logging and can be used with the application by providing the following configurations in the `Log4j.properties` file:
123+
```
124+
// Default configuration which logs the entries in clear text
125+
log4j.appender.S.layout = org.apache.log4j.PatternLayout
126+
log4j.appender.R.layout = org.apache.log4j.PatternLayout
127+
128+
// Configuration which masks the sensitive data in the log entries
129+
log4j.appender.S.layout = net.authorize.util.SensitiveFilterLayout
130+
log4j.appender.R.layout = net.authorize.util.SensitiveFilterLayout
131+
```
132+
By default the logger comes with two appenders i.e **console** and **file transport**.
133+
134+
The list of sensitive fields which can be masked during logging are:
135+
* Card Number,
136+
* Card Code,
137+
* Expiration Date,
138+
* Name on Account,
139+
* Transaction Key, and
140+
* Account Number.
141+
142+
There is also a list of regular expressions which the sensitive logger uses to mask credit card numbers while logging.
143+
144+
Further information on the sensitive data logging and regular expressions can be found at this [location](https://github.com/AuthorizeNet/sdk-java/blob/master/resources/AuthorizedNetSensitiveTagsConfig.json).
117145

118146
## License
119147
This repository is distributed under a proprietary license. See the provided [`LICENSE.txt`](/LICENSE.txt) file.

0 commit comments

Comments
 (0)