TechQA.

How to censor/hide a HOCON value from appearing in Ktor logs

209 views Asked by At

Using Ktor as a web server and configuring it with the (HOCON) application.conf file.

I've setup a default password for connecting to a database in the configuration, as well as the ability for it to be overridden with an environment variable.

When the server starts, the configurations is printed to the console (and probably in future stored in logs), the problem is that the password is plainly visible.

Does anyone know of a way to prevent this?

Representative application.conf:

ktor {

    deployment {
        port = 8080
        port = ${?PORT}

        databaseUrl = ${?DATABASE_URL}
        databaseUser = ${?DATABASE_USER}
        databasePassword = ${?DATABASE_PASSWORD}
        ...
    }
}

Example server output

...
# env var DATABASE_PASSWORD
"databasePassword" : "mysecretpassword",
# env var DATABASE_URL
"databaseUrl" : "jdbc:postgresql://localhost:5432/postgres",
# env var DATABASE_USER
"databaseUser" : "postgres",
...
logging ktor hocon
Original Q&A
1

There are 1 answers

1
Aleksei Tirman On BEST ANSWER

You can put your parameters with sensitive values inside the security section to make them hidden inside logs. Here is an example:

ktor {
    deployment {
        port = 8085
        port = ${?PORT}
    }

    security {
        databaseUrl = ${?DATABASE_URL}
        databaseUser = ${?DATABASE_USER}
        databasePassword = ${?DATABASE_PASSWORD}
    }

    application {
        modules = [ com.example.ApplicationKt.module ]
    }
}

Related Questions in LOGGING

Related Questions in KTOR

Related Questions in HOCON

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions