1) passwords are currently logged by keystone when you enable debug mode (and there's a big warning in the sample.conf about passwords in plain text) 2) the fix is very specific to the identity api's json presentation of passwords 3) if any other service is handling passwords, then we're doing something very wrong I don't see a reason for anything to go into oslo? -Dolph On Thu, Apr 18, 2013 at 1:48 AM, Bhandaru, Malini K < malini.k.bhandaru at intel.com> wrote: > Hello All!**** > > ** ** > > David Geng is addressing a case of password logging in keystone. Do we > handle any passwords in other openstack**** > > components and log them? Might they benefit from David moving his fix > into Oslo as a log filter (a nice suggestion from Guang-yee).**** > > Please weigh in. If yes, what is expected the string pattern?**** > > ** ** > > https://review.openstack.org/#/c/26487/**** > > ** ** > > ** ** > > Regards**** > > Malini**** > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev at lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130418/25c21a70/attachment.html>