nikli

Reputation: 2369

PostgreSQL JDBC driver hide prepared statement parameters from logging

I need to hide prepared statement parameters from debug-level logging and from exception messages. There are security-critical values. For example, when using pgp_sym_encrypt, if an exception is thrown from the database, the exception message shows the full statement with its parameters, including the 2nd parameter, the encryption key password. Is there any way to hide these kinds of values, especially in the exception message?

Upvotes: 2

Views: 229

Answers (1)

jjanes

Reputation: 44137

The safest way is to do the encryption on the client side and never send the password to the database. Once you send it to the database, it will be very hard to absolutely control what happens to it. Consider that if there is a way to configure the database to suppress this logging, then there is also a way to reverse that configuration.

Upvotes: 1
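
A sketch of the client-side approach from the answer above, added here as an example and not code from the question or the answer: the value is encrypted in the JVM and only the ciphertext is bound to the prepared statement, so statement logs and exception messages never contain the password. It assumes a `bytea` target column and substitutes AES-GCM with a PBKDF2-derived key for pgcrypto's OpenPGP format, so `pgp_sym_decrypt` cannot read the result and decryption also happens on the client; the class name, method names, blob layout and sample values are constructed for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.sql.PreparedStatement;

public class ClientSideEncryption {
    private static final SecureRandom RNG = new SecureRandom();
    // Derive an AES-256 key from the password; the password never leaves the JVM.
    static SecretKeySpec deriveKey(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, 210_000, 256);
        byte[] key = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                .generateSecret(spec).getEncoded();
        spec.clearPassword();
        return new SecretKeySpec(key, "AES");
    }

    // Blob layout (constructed for this example): salt(16) || iv(12) || ciphertext+tag
    static byte[] encrypt(char[] password, String plaintext) throws Exception {
        byte[] salt = new byte[16], iv = new byte[12];
        RNG.nextBytes(salt); RNG.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, deriveKey(password, salt), new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
        return ByteBuffer.allocate(28 + ct.length).put(salt).put(iv).put(ct).array();
    }

    static String decrypt(char[] password, byte[] blob) throws Exception {
        byte[] salt = new byte[16], iv = new byte[12], ct = new byte[blob.length - 28];
        ByteBuffer.wrap(blob).get(salt).get(iv).get(ct);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, deriveKey(password, salt), new GCMParameterSpec(128, iv));
        return new String(c.doFinal(ct), StandardCharsets.UTF_8); // throws if tampered
    }

    // Only ciphertext is bound, so a logged or echoed parameter reveals no key material.
    static void bindEncrypted(PreparedStatement ps, int index, char[] password, String value)
            throws Exception {
        ps.setBytes(index, encrypt(password, value));
    }
    public static void main(String[] args) throws Exception {
        char[] password = "constructed-demo-password".toCharArray(); // constructed sample
        byte[] blob = encrypt(password, "constructed secret value"); // constructed sample
        System.out.println(blob.length + " bytes -> " + decrypt(password, blob));
    }
}
```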
