在我们的日志中,我们看到信用卡号码是由于人们使用 CC 信息点击我们应用程序中的一些 ULR(我不知道他们为什么这样做)。我们希望清理这些信息(出于 PCI 考虑),甚至不将其保存到磁盘。
因此,我希望能够在日志条目到达日志文件之前对其进行清理。我一直在研究 Tomcat Valves(访问日志阀)。这是要走的路吗?
我能够通过扩展来解决这个问题AccessLogValve http://tomcat.apache.org/tomcat-6.0-doc/api/org/apache/catalina/valves/AccessLogValve.html并压倒一切public log(java.lang.String message) http://tomcat.apache.org/tomcat-6.0-doc/api/org/apache/catalina/valves/AccessLogValve.html#log%28java.lang.String%29:
public class SanitizedAccessLogValve extends AccessLogValve {
private static Pattern pattern = Pattern.compile("\\b(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})\\b");
/*
This method will sanitize any cc numbers in the string and replace them with x's
*/
private String sanitize(String string) {
String sanitizedString = string;
if(string != null) {
StringBuffer buffer = new StringBuffer();
Matcher matcher = pattern.matcher(string);
while(matcher.find()) {
MatchResult matchResult = matcher.toMatchResult();
int start = matchResult.start();
int end = matchResult.end();
String matchedText = string.substring(start, end);
matcher.appendReplacement(buffer, "xxxxxxxxxxxxxxxx");
}
matcher.appendTail(buffer);
sanitizedString = buffer.toString();
}
return sanitizedString;
}
@Override
public void log(String message) {
super.log(sanitize(message));
}
}
您需要将其编译成jar,然后将该jar文件放入$CATALINA_HOME/lib.
然后在你的server.xml:
<Valve className="my.valves.SanitizedAccessLogValve"
directory="access_logs" prefix="localhost." suffix=".log"
pattern='%v %h %t "%r" %s %B %T "%{User-Agent}i"'/>
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)
