问题
I am using custom gmail smtp appendar for sending error logs from my gmail account. Following the instructions: http://www.tgerm.com/2010/05/log4j-smtpappender-gmail-custom.html - Everything works great. Except one thing: In my log4j.properties: I don't want to type my password "log4j.appender.EMAIL.SMTPPassword=somepass" so that I can share this project with my team mates. Does anyone have a suggestion ?
Below is log4j.properties part:
log4j.appender.EMAIL=com.tgerm.log4j.appender.GmailSMTPAppender
log4j.appender.EMAIL.SMTPHost=smtp.gmail.com
log4j.appender.EMAIL.SMTPDebug=true
log4j.appender.EMAIL.From=from@gmail.com
log4j.appender.EMAIL.To=to@tgerm.com
log4j.appender.EMAIL.SMTPUsername=smtpuser@gmail.com
log4j.appender.EMAIL.SMTPPassword=somepass //this is the problematic part
log4j.appender.EMAIL.Subject=Email Notification from Gmail SMTP Appender
log4j.appender.EMAIL.cc=cc@gmail.com
log4j.appender.EMAIL.layout=org.apache.log4j.PatternLayout
log4j.appender.EMAIL.layout.ConversionPattern=%p %t %c - %m%n
log4j.appender.EMAIL.BufferSize=1
回答1:
For starters: don't use your personal email address - create a new account to be shared with your team members.
If you still want to encrypt, put the encrypted information in a separate properties or xml file, write code to encrypt and decrypt it, and configure that portion of log4j programatically.
(And, as gdt says below, remember, if the application can decrypt the password, others can too. There is no 100% safe solution. Protecting the file access permissions is often more effective than encrypting.)
回答2:
Create a service email account (not personal) which can be shared.
To hide password, specify it in properies file, but after first run, read it, encrypt and write back to the properties file.
来源:https://stackoverflow.com/questions/15910663/hiding-or-encrypting-password-in-log4j-properties-file-smtp-appender