[openstack-dev] masking X-Auth-Token in debug output - proposed consistency

Xuhan Peng pengxuhan at gmail.com
Fri Jun 13 02:47:49 UTC 2014


Sorry to interrupt this discussion.




Sean, 




Since I'm working the neutron client code change, by looking at your code change to nova client, looks like only X-Auth-Token is taken care of in http_log_req. There is also password in header and token id in response. Any particular reason that they are not being taken care of?




Thanks, 

Xu Han
—
Sent from Mailbox for iPhone

On Fri, Jun 13, 2014 at 8:47 AM, Gordon Chung <chungg at ca.ibm.com> wrote:

>> I'm hoping we can just ACK this approach, and get folks to start moving
>> patches through the clients to clean this all up.
> just an fyi, in pyCADF, we obfuscate tokens similar to how credit cards 
> are handled: by capturing a percentage of leading and trailing characters 
> and substituting the middle ie. "4724 xxxxxxxx 8478". whatever we decide 
> here, i'm all for having a consistent way of masking and minimising tokens 
> in OpenStack.
> cheers,
> gordon chung
> openstack, ibm software standards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140612/7383f51c/attachment.html>


More information about the OpenStack-dev mailing list