BatchingBatch logging SQL values at an ERROR level

Description

BatchingBatch will log failed executions at an "ERROR" level with the SQL values included. This could compromise security or violate compliance by including secrets or personal information in the logs, but squelching all ERROR level logs for the class is not desirable.

An example:

2019-07-22 05:01:17.175 ERROR o.h.e.jdbc.batch.internal.BatchingBatch : HHH000315: Exception executing batch [java.sql.BatchUpdateException: Batch entry 0 insert into my_schema.access_tokens (client_id, exp, jti, refresh_token_jti, token, username, key) values ('123e4567-e89b-12d3-a456-426655440000', 5554443337, '456e4567-e89b-34d5-az567-245566779999'::uuid, NULL, 'zY29wZ___i_am_a_secret_access_token___zRw8uhZeFw', NULL, '123e4567123e4567123e4567123e4567') was aborted: ERROR: duplicate key value violates unique constraint "oauth_jwt_access_token_pkey"Detail: Key (key)=(123e4567123e4567123e4567123e4567) already exists. Call getNextException to see other errors in the batch.], SQL: insert into my_schema.access_tokens (client_id, exp, jti, refresh_token_jti, token, username, key) values (?, ?, ?, ?, ?, ?, ?)

Since this exception is logged and then a new exception is re-thrown, it should be logged at a DEBUG level, and the handler of the exception should be tasked with logging the exception. That would also keep the exception from being logged twice, or from being logged as an ERROR in a non-fault use case, e.g. optimistic de-duplication of data.
https://github.com/hibernate/hibernate-orm/blob/master/hibernate-core/src/main/java/org/hibernate/engine/jdbc/batch/internal/BatchingBatch.java#L128-L129

At the very least, it should not be logged with the values at an ERROR level.
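
An application-side mitigation, as an added example (not Hibernate's code and not part of the original report): a redaction function that a logging backend's message hook could apply to these messages. The class name BatchLogRedactor and the sample message are constructed for illustration, and the patterns assume the PostgreSQL driver message shape shown in the log line above.

```java
import java.util.regex.Pattern;

/** Added example: redacts bound values from batch-failure log messages. */
public class BatchLogRedactor {

    // The literal-value statement the JDBC driver embeds between
    // "Batch entry N " and " was aborted". Greedy and DOTALL on purpose:
    // if a value itself contains " was aborted", over-redact rather than leak.
    private static final Pattern BATCH_ENTRY =
            Pattern.compile("(Batch entry \\d+ ).*( was aborted)", Pattern.DOTALL);

    // PostgreSQL's constraint detail repeats the offending key value.
    private static final Pattern KEY_DETAIL =
            Pattern.compile("(Key \\([^)]*\\)=\\().*(\\) already exists)", Pattern.DOTALL);

    public static String redact(String message) {
        if (message == null) {
            return null;
        }
        String out = BATCH_ENTRY.matcher(message).replaceAll("$1[statement redacted]$2");
        return KEY_DETAIL.matcher(out).replaceAll("$1[redacted]$2");
    }

    public static void main(String[] args) {
        // Constructed sample in the shape of the log line above (values are fake).
        String msg = "HHH000315: Exception executing batch [java.sql.BatchUpdateException: "
                + "Batch entry 0 insert into my_schema.access_tokens (token, key) values "
                + "('CONSTRUCTED_SECRET_TOKEN', 'CONSTRUCTED_KEY') was aborted: ERROR: duplicate "
                + "key value violates unique constraint \"oauth_jwt_access_token_pkey\"\n"
                + "  Detail: Key (key)=(CONSTRUCTED_KEY) already exists.], "
                + "SQL: insert into my_schema.access_tokens (token, key) values (?, ?)";
        String safe = redact(msg);
        System.out.println(safe);
        // The bound values must be gone from the redacted message.
        if (safe.contains("CONSTRUCTED_SECRET_TOKEN") || safe.contains("CONSTRUCTED_KEY")) {
            throw new AssertionError("value leaked");
        }
        // The parameterized SQL and the constraint name must survive for diagnosis.
        if (!safe.contains("values (?, ?)") || !safe.contains("oauth_jwt_access_token_pkey")) {
            throw new AssertionError("diagnostic context lost");
        }
    }
}
```

If the logging backend also prints the exception's stack trace, the same driver message appears there and needs the same redaction.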

Environment: None

Status

Assignee: Unassigned
Reporter: Mike Reardon
Fix versions: None
Labels: None
backPortable: None
Suitable for new contributors: None
Requires Release Note: None
Pull Request: None
backportDecision: None
Affects versions: 5.3.9
Priority: Major