Description
= Why?
Logging user passwords is an obvious security bad practice.
Request logging should avoid logging user passwords.
= When?
The body of the webadmin request is logged as part of the MDC.
Only users who enable structured logging are exposed; the default configuration is not.
The incriminated logger is org.apache.james.webadmin.mdc.LoggingRequestFilter.
Users relying on LDAP are not impacted.
= How?
Allow overrides of the RequestLogger for specific routes, given a request predicate.
That way we can avoid logging the payload of the request (password) upon user creation & password updates.
= Definition of done
Upon user creation via webadmin
A request log is emitted
This request log does not contain the request body.
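
One way the route-specific override described under "How?" could look, as an added Java example that is not James's own code. The `Request`, `RequestLogger` and `RouteOverride` types, the `request-body` field name and the `PUT /users/{name}` route pattern are assumptions made for illustration.

```java
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.function.Predicate;

public class RouteAwareRequestLogging {
    // Hypothetical stand-ins: a minimal request, a logger producing MDC-style fields, a predicate-bound override.
    record Request(String method, String path, String body) {}
    interface RequestLogger { Map<String, String> fields(Request request); }
    record RouteOverride(Predicate<Request> applies, RequestLogger logger) {}

    // Default behaviour described in the issue: the body is part of the logged context.
    static final RequestLogger DEFAULT = request -> {
        Map<String, String> mdc = new LinkedHashMap<>();
        mdc.put("method", request.method());
        mdc.put("path", request.path());
        mdc.put("request-body", request.body());
        return mdc;
    };

    // Override for credential-bearing routes: same fields, body left out.
    static final RequestLogger WITHOUT_BODY = request -> {
        Map<String, String> mdc = new LinkedHashMap<>(DEFAULT.fields(request));
        mdc.remove("request-body");
        return mdc;
    };

    // Assumed route shape: user creation and password update are PUT /users/{name}.
    static final List<RouteOverride> OVERRIDES = List.of(new RouteOverride(
        r -> r.method().equals("PUT") && r.path().matches("/users/[^/]+"), WITHOUT_BODY));

    // The first override whose predicate matches wins; otherwise the default logger is used.
    static Map<String, String> log(Request request) {
        return OVERRIDES.stream()
            .filter(o -> o.applies().test(request))
            .map(RouteOverride::logger)
            .findFirst()
            .orElse(DEFAULT)
            .fields(request);
    }

    public static void main(String[] args) {
        // Constructed sample requests: a credential-bearing route and an unrelated one.
        Request createUser = new Request("PUT", "/users/bob@example.org", "{\"password\":\"constructed-secret\"}");
        Request addDomain = new Request("PUT", "/domains/example.org", "");
        System.out.println(log(createUser));
        System.out.println(log(addDomain));
    }
}
```

A log entry is still emitted for the user-creation request, which matches the definition of done: the entry exists but carries no request body.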