diff options
author | Bjørn Christian Seime <bjorn.christian@seime.no> | 2019-04-11 15:45:11 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-04-11 15:45:11 +0200 |
commit | 6a0a5ed5778941b27017f3a9eff045a703c2f7ca (patch) | |
tree | f185d1aa1f9c9c0631864acd57266ae933dd3c7d | |
parent | baacd388fa74991e561c0690a2a2b78b92bc382e (diff) | |
parent | 6d6a96ba6bdf81636c0c869e01e5a06fbb3b2a83 (diff) |
Merge pull request #9073 from vespa-engine/bjorncs/ssl-info-in-access-log
Add ssl session id and cipher suite to access log
-rw-r--r-- | jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java | 8 | ||||
-rw-r--r-- | jdisc_http_service/src/main/java/com/yahoo/jdisc/http/servlet/ServletRequest.java | 2 |
2 files changed, 10 insertions, 0 deletions
diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java index 5c3298a7aff..9a10c70ceab 100644 --- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java +++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java @@ -87,6 +87,14 @@ public class AccessLogRequestLog extends AbstractLifeCycle implements RequestLog if (clientCert != null && clientCert.length > 0) { accessLogEntry.setSslPrincipal(clientCert[0].getSubjectX500Principal()); } + String sslSessionId = (String) request.getAttribute(ServletRequest.SERVLET_REQUEST_SSL_SESSION_ID); + if (sslSessionId != null) { + accessLogEntry.addKeyValue("ssl-session-id", sslSessionId); + } + String cipherSuite = (String) request.getAttribute(ServletRequest.SERVLET_REQUEST_CIPHER_SUITE); + if (cipherSuite != null) { + accessLogEntry.addKeyValue("cipher-suite", cipherSuite); + } final long startTime = request.getTimeStamp(); final long endTime = System.currentTimeMillis(); diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/servlet/ServletRequest.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/servlet/ServletRequest.java index 2eb7f432ec2..65c8e153164 100644 --- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/servlet/ServletRequest.java +++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/servlet/ServletRequest.java @@ -39,6 +39,8 @@ public class ServletRequest extends HttpServletRequestWrapper implements Servlet public static final String JDISC_REQUEST_PRINCIPAL = "jdisc.request.principal"; public static final String JDISC_REQUEST_X509CERT = "jdisc.request.X509Certificate"; public static final String SERVLET_REQUEST_X509CERT = "javax.servlet.request.X509Certificate"; + public static final String SERVLET_REQUEST_SSL_SESSION_ID = "javax.servlet.request.ssl_session_id"; + public static final String SERVLET_REQUEST_CIPHER_SUITE = "javax.servlet.request.cipher_suite"; private final HttpServletRequest request; private final HeaderFields headerFields; |