This is an automated email from the git hooks/post-receive script. New commit to branch develop in repository pollen. See https://gitlab.nuiton.org/chorem/pollen.git commit 49c5d2150abc28c1c089b9c490deba5b12b587c5 Author: Sylvain Bavencoff <bavencoff@codelutin.com> Date: Fri Nov 17 10:48:57 2017 +0100 Ajouter les detail dans les logs (thread, session, user, permission) + un log a la fin de chacque requête --- .../rest/api/PollenRestApiRequestFilter.java | 48 +++++++++++++++++++++- .../src/main/resources/log4j.properties | 3 +- pollen-services/pom.xml | 5 --- .../services/service/PollenServiceSupport.java | 2 +- .../services/service/security/SecurityService.java | 21 +--------- pom.xml | 10 +---- 6 files changed, 53 insertions(+), 36 deletions(-) diff --git a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiRequestFilter.java b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiRequestFilter.java index ad2e66b5..3ae84c8d 100644 --- a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiRequestFilter.java +++ b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiRequestFilter.java @@ -27,6 +27,7 @@ import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.apache.log4j.MDC; import org.chorem.pollen.persistence.PollenPersistenceContext; import org.chorem.pollen.persistence.entity.PollenPrincipal; import org.chorem.pollen.persistence.entity.PollenUser; @@ -35,7 +36,6 @@ import org.chorem.pollen.services.PollenServiceContext; import org.chorem.pollen.services.PollenUIContext; import org.chorem.pollen.services.service.ChoiceService; import org.chorem.pollen.services.service.CommentService; -import org.chorem.pollen.services.service.TransverseService; import org.chorem.pollen.services.service.FavoriteListService; import org.chorem.pollen.services.service.FeedService; import org.chorem.pollen.services.service.FeedbackService; @@ -47,6 +47,7 @@ import org.chorem.pollen.services.service.PollenUIUrlRenderService; import org.chorem.pollen.services.service.PollenUserService; import org.chorem.pollen.services.service.ReportService; import org.chorem.pollen.services.service.SocialAuthService; +import org.chorem.pollen.services.service.TransverseService; import org.chorem.pollen.services.service.VoteCountingService; import org.chorem.pollen.services.service.VoteCountingTypeService; import org.chorem.pollen.services.service.VoteService; @@ -59,12 +60,15 @@ import org.chorem.pollen.services.service.security.PollenSecurityContext; import org.chorem.pollen.services.service.security.SecurityService; import org.jboss.resteasy.spi.ResteasyProviderFactory; +import javax.servlet.http.HttpServletRequest; import javax.ws.rs.HttpMethod; import javax.ws.rs.container.ContainerRequestContext; import javax.ws.rs.container.ContainerRequestFilter; import javax.ws.rs.container.ContainerResponseContext; import javax.ws.rs.container.ContainerResponseFilter; import javax.ws.rs.container.PreMatching; +import javax.ws.rs.container.ResourceInfo; +import javax.ws.rs.core.Context; import javax.ws.rs.core.Cookie; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MultivaluedMap; @@ -74,6 +78,7 @@ import javax.ws.rs.ext.Provider; import java.io.IOException; import java.util.List; import java.util.Locale; +import java.util.stream.Collectors; /** @@ -103,6 +108,14 @@ public class PollenRestApiRequestFilter implements ContainerRequestFilter, Conta public static final String COOKIE_POLLEN_AUTH = "pollen-auth"; public static final int COOKIE_MAX_AGE = 60 * 60 * 24 * 365; // 1 year + private static final String START_TIME = "startTime"; + + @Context + protected ResourceInfo resourceInfo; + + @Context + protected HttpServletRequest servletRequest; + public static final ImmutableList<Class<? extends PollenService>> SERVICES = ImmutableList.of( ChoiceService.class, CommentService.class, @@ -133,6 +146,13 @@ public class PollenRestApiRequestFilter implements ContainerRequestFilter, Conta @Override public void filter(ContainerRequestContext containerRequestContext) throws IOException { + MDC.clear(); + + if (! HttpMethod.OPTIONS.equals(containerRequestContext.getMethod())) { + // Start monitoring + long start = System.currentTimeMillis(); + containerRequestContext.setProperty(START_TIME, start); + } try { pushRequestContext(containerRequestContext); } catch (PollenInvalidSessionTokenException | PollenCypherTechnicalException e) { @@ -175,6 +195,27 @@ public class PollenRestApiRequestFilter implements ContainerRequestFilter, Conta headers.add(HEADER_ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, DELETE, PUT, OPTIONS"); } + if (! HttpMethod.OPTIONS.equals(containerRequestContext.getMethod())) { + long start = Long.class.cast(containerRequestContext.getProperty(START_TIME)); + long end = System.currentTimeMillis(); + + String httpMethod = containerRequestContext.getMethod(); + String uri = containerRequestContext.getUriInfo().getPath(); + String query = containerRequestContext.getUriInfo().getQueryParameters() + .entrySet() + .stream() + .map(entry -> entry.getKey() + "=" + entry.getValue().stream().collect(Collectors.joining(","))) + .collect(Collectors.joining("&")); + String classApi = resourceInfo.getResourceClass().getSimpleName(); + String methodApi = resourceInfo.getResourceMethod().getName(); + int httpCode = containerResponseContext.getStatus(); + + log.info(String.format("%s %s?%s ==> %s.%s ==> %d : %dms", + httpMethod, uri, query, + classApi, methodApi, + httpCode, end - start)); + } + } private void pushRequestContext(ContainerRequestContext context) throws PollenInvalidSessionTokenException, PollenCypherTechnicalException { @@ -221,6 +262,9 @@ public class PollenRestApiRequestFilter implements ContainerRequestFilter, Conta SecurityService securityService = serviceContext.newService(SecurityService.class); + String sessionId = servletRequest.getSession(true).getId(); + MDC.put("session", sessionId); + // --- get session token (from request parameters) --- // String sessionTokenHeader = context.getHeaderString(REQUEST_HEADER_SESSION_TOKEN); @@ -239,12 +283,14 @@ public class PollenRestApiRequestFilter implements ContainerRequestFilter, Conta } PollenUser userConnected = securityService.getUserFromToken(sessionTokenHeader); + MDC.put("user", userConnected == null ? "Anonyme" : securityService.getReduceId(userConnected)); // --- get mainPrincipal (from request parameters) --- // String permission = null; List<String> permissions = context.getUriInfo().getQueryParameters().get(REQUEST_PERMISSION_PARAMETER); if (CollectionUtils.isNotEmpty(permissions)) { permission = permissions.get(0); + MDC.put("permission", permission); } PollenPrincipal mainPrincipal = securityService.getPollenPrincipalByPermissionToken(permission); diff --git a/pollen-rest-api/src/main/resources/log4j.properties b/pollen-rest-api/src/main/resources/log4j.properties index 71cea7eb..6ebf2fd7 100644 --- a/pollen-rest-api/src/main/resources/log4j.properties +++ b/pollen-rest-api/src/main/resources/log4j.properties @@ -21,9 +21,8 @@ log4j.rootCategory=WARN, console log4j.appender.console=org.apache.log4j.ConsoleAppender log4j.appender.console.layout=org.apache.log4j.PatternLayout -log4j.appender.console.layout.ConversionPattern=%d{hh:mm:ss} %5p (%F:%L) %m%n +log4j.appender.console.layout.ConversionPattern=%d %5p [%t] (%F:%L) {%X{session}:%X{user}:%X{permission}} %m%n log4j.logger.org.chorem.pollen=INFO -log4j.logger.org.chorem.pollen.services.service.mail=DEBUG log4j.logger.org.debux=INFO log4j.logger.org.hibernate.orm.deprecation=ERROR log4j.logger.com.zaxxer.hikari.HikariDataSource=ERROR diff --git a/pollen-services/pom.xml b/pollen-services/pom.xml index d8a22db2..2be339c5 100644 --- a/pollen-services/pom.xml +++ b/pollen-services/pom.xml @@ -99,11 +99,6 @@ <artifactId>yamlbeans</artifactId> </dependency> - <dependency> - <groupId>org.bouncycastle</groupId> - <artifactId>bcprov-jdk16</artifactId> - </dependency> - <!--dependency> <groupId>javax.servlet</groupId> <artifactId>servlet-api</artifactId> diff --git a/pollen-services/src/main/java/org/chorem/pollen/services/service/PollenServiceSupport.java b/pollen-services/src/main/java/org/chorem/pollen/services/service/PollenServiceSupport.java index 25dc27ab..d46beb01 100644 --- a/pollen-services/src/main/java/org/chorem/pollen/services/service/PollenServiceSupport.java +++ b/pollen-services/src/main/java/org/chorem/pollen/services/service/PollenServiceSupport.java @@ -489,7 +489,7 @@ public abstract class PollenServiceSupport implements PollenService { return pollenEntityId; } - protected <E extends TopiaEntity> String getReduceId(E entity) { + public <E extends TopiaEntity> String getReduceId(E entity) { return PollenEntityId.encode(serviceContext.getTopiaApplicationContext().getTopiaIdFactory(), entity.getTopiaId()); } diff --git a/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java b/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java index 9bd9df43..fbf8a98c 100644 --- a/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java +++ b/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java @@ -30,13 +30,6 @@ import com.google.common.base.Preconditions; import org.apache.commons.lang3.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.bouncycastle.crypto.BlockCipher; -import org.bouncycastle.crypto.BufferedBlockCipher; -import org.bouncycastle.crypto.engines.RijndaelEngine; -import org.bouncycastle.crypto.modes.CBCBlockCipher; -import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher; -import org.bouncycastle.crypto.paddings.ZeroBytePadding; -import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.chorem.pollen.persistence.entity.Choice; import org.chorem.pollen.persistence.entity.Comment; import org.chorem.pollen.persistence.entity.CommentVisibility; @@ -61,7 +54,6 @@ import org.chorem.pollen.services.service.PollenServiceSupport; import org.nuiton.topia.persistence.TopiaNoResultException; import java.io.UnsupportedEncodingException; -import java.security.Security; import java.util.Calendar; import java.util.Date; import java.util.Objects; @@ -78,18 +70,9 @@ public class SecurityService extends PollenServiceSupport { /** Logger. */ private static final Log log = LogFactory.getLog(SecurityService.class); - static { - Security.addProvider(new BouncyCastleProvider()); - } - - private BufferedBlockCipher cipher; - @Override public void setServiceContext(PollenServiceContext serviceContext) { super.setServiceContext(serviceContext); - BlockCipher engine = new RijndaelEngine(256); - cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(engine), new ZeroBytePadding()); - } @Override @@ -251,11 +234,11 @@ public class SecurityService extends PollenServiceSupport { } catch (JWTVerificationException e) { if (log.isInfoEnabled()) { - log.info("Invalid Token", e); + log.info("Invalid Token : " + e.getMessage() + " - " + token); } } catch (TopiaNoResultException e) { if (log.isErrorEnabled()) { - log.error("Not find Token user", e); + log.error("Not find user from token : " + token); } } } diff --git a/pom.xml b/pom.xml index 385d8590..8e9f02b4 100644 --- a/pom.xml +++ b/pom.xml @@ -190,7 +190,7 @@ <h2Version>1.4.178</h2Version> <postgresqlVersion>9.4.1212.jre7</postgresqlVersion> <shiroVersion>1.2.3</shiroVersion> - <jwtJavaVersion>3.3.0</jwtJavaVersion> + <javaJwtVersion>3.2.0</javaJwtVersion> <slf4jVersion>1.7.22</slf4jVersion> <jettyVersion>9.0.3.v20130506</jettyVersion> <tomcatEmbedVersion>7.0.50</tomcatEmbedVersion> @@ -497,7 +497,7 @@ <dependency> <groupId>com.auth0</groupId> <artifactId>java-jwt</artifactId> - <version>${jwtJavaVersion}</version> + <version>${javaJwtVersion}</version> </dependency> <!--dependency> @@ -626,12 +626,6 @@ </dependency> <dependency> - <groupId>org.bouncycastle</groupId> - <artifactId>bcprov-jdk16</artifactId> - <version>1.46</version> - </dependency> - - <dependency> <groupId>org.quartz-scheduler</groupId> <artifactId>quartz</artifactId> <version>2.3.0</version> -- To stop receiving notification emails like this one, please contact chorem.org SCM administrator <admin+scm@chorem.org>.