...
The java.util.logging class provides a basic logging framework for JDK versions 1.4 and higher. Other logging frameworks exist, but the basic principles apply regardless of the particular logging framework chosen.
Programs must typically support varying levels of protection. Some information, such as access times, can be safely logged. Some information can be logged, but the log file must be restricted from everyone but particular administrators. Other information, such as credit card numbers, can be included in logs only in encrypted form. Information, such as passwords, should not be logged at all.
For the following code samplesexamples, we assume that the log in question lies outside the trust boundary of the information being sent to itrecorded. Also, normal log messages should include additional parameters such as date, time, source event, and so forth. This information has been omitted from the following code examples for brevity.
...
When the log cannot contain IP addresses, it should not contain any information about a SecurityException, because it might indicate the existence of leak an IP address. When an exception contains sensitive information, the custom MyExceptionReporter class should extract or cleanse it before returning control to the next statement in the catch block (see rule ERR00-J. Do not suppress or ignore checked exceptions).
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="e4b6a2c5a62f3efd-b85a2334-476b4dbe-8449adc2-77711389982869ae8edeadac"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | Class | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b84f0009161b34c8-e06f076d-434d4b4f-b74d9eda-33934612de71616d859c7bca"><ac:plain-text-body><![CDATA[ | [[Chess 2007 | AA. Bibliography#Chess 07]] | 11.1, Privacy and Regulation: Handling Private Information | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b2cfb0e15b51bd25-2cacc2b0-43b04b02-9eaabcb9-eb113784384b9b3e23039a1e"><ac:plain-text-body><![CDATA[ | [[CVE 2011 | AA. Bibliography#CVE 08]] | [CVE-2005-2990 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2990] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="bb9b566527af8578-1cdf26d7-48c5470e-b7768814-5db1fd32c253b3e5b9cbb2db"><ac:plain-text-body><![CDATA[ | [[Sun 2006 | AA. Bibliography#Sun 06]] | [Java Logging Overview | http://java.sun.com/javase/6/docs/technotes/guides/logging/overview.html] | ]]></ac:plain-text-body></ac:structured-macro> |
...