Add sample log redaction config to EG opensrf_core

Redact parameter logging for the following API calls:

Login:
open-ils.auth.authenticate.verify
open-ils.auth.authenticate.complete
open-ils.auth_proxy.login

User updates:
open-ils.actor.user.password
open-ils.actor.user.username
open-ils.actor.user.email
open-ils.actor.patron.update
open-ils.cstore.direct.actor.user.create
open-ils.cstore.direct.actor.user.update
open-ils.cstore.direct.actor.user.delete

Signed-off-by: Bill Erickson <berick@esilibrary.com>
Signed-off-by: Dan Scott <dscott@laurentian.ca>

diff --git a/Open-ILS/examples/opensrf_core.xml.example b/Open-ILS/examples/opensrf_core.xml.example
index 440bd8b..7bc022f 100644 (file)
--- a/Open-ILS/examples/opensrf_core.xml.example
+++ b/Open-ILS/examples/opensrf_core.xml.example
@@ -170,4 +170,22 @@ Example OpenSRF bootstrap configuration file for Evergreen
     </router>
   </routers>
   <!-- ======================================================================================== -->
+
+  <!-- Any methods which match any of these match_string node values will     
+       have their params redacted from lower-level input logging.             
+       Adjust these examples as needed. -->      
+  <shared>
+    <log_protect>
+      <match_string>open-ils.auth.authenticate.verify</match_string>
+      <match_string>open-ils.auth.authenticate.complete</match_string>
+      <match_string>open-ils.auth_proxy.login</match_string>
+      <match_string>open-ils.actor.user.password</match_string>
+      <match_string>open-ils.actor.user.username</match_string>
+      <match_string>open-ils.actor.user.email</match_string>
+      <match_string>open-ils.actor.patron.update</match_string>
+      <match_string>open-ils.cstore.direct.actor.user.create</match_string>
+      <match_string>open-ils.cstore.direct.actor.user.update</match_string>
+      <match_string>open-ils.cstore.direct.actor.user.delete</match_string>
+    </log_protect>
+  </shared>
 </config>