diff options
Diffstat (limited to 'jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java')
-rw-r--r-- | jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java | 129 |
1 files changed, 68 insertions, 61 deletions
diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java index e82373fdaae..32790534f86 100644 --- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java +++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java @@ -4,22 +4,20 @@ package com.yahoo.jdisc.http.server.jetty; import com.google.common.base.Objects; import com.yahoo.container.logging.AccessLog; import com.yahoo.container.logging.AccessLogEntry; -import com.yahoo.container.logging.RequestLog; -import com.yahoo.container.logging.RequestLogEntry; import com.yahoo.jdisc.http.ServerConfig; import com.yahoo.jdisc.http.servlet.ServletRequest; import org.eclipse.jetty.server.Request; +import org.eclipse.jetty.server.RequestLog; import org.eclipse.jetty.server.Response; import org.eclipse.jetty.util.component.AbstractLifeCycle; import javax.servlet.http.HttpServletRequest; import java.security.Principal; -import java.time.Duration; -import java.time.Instant; +import java.security.cert.X509Certificate; import java.util.List; +import java.util.Optional; import java.util.OptionalInt; import java.util.UUID; -import java.util.function.BiConsumer; import java.util.logging.Level; import java.util.logging.Logger; @@ -32,19 +30,19 @@ import static com.yahoo.jdisc.http.core.HttpServletRequestUtils.getConnectorLoca * @author Oyvind Bakksjo * @author bjorncs */ -class AccessLogRequestLog extends AbstractLifeCycle implements org.eclipse.jetty.server.RequestLog { +class AccessLogRequestLog extends AbstractLifeCycle implements RequestLog { private static final Logger logger = Logger.getLogger(AccessLogRequestLog.class.getName()); // HTTP headers that are logged as extra key-value-pairs in access log entries private static final List<String> LOGGED_REQUEST_HEADERS = List.of("Vespa-Client-Version"); - private final RequestLog requestLog; + private final AccessLog accessLog; private final List<String> remoteAddressHeaders; private final List<String> remotePortHeaders; - AccessLogRequestLog(RequestLog requestLog, ServerConfig.AccessLog config) { - this.requestLog = requestLog; + AccessLogRequestLog(AccessLog accessLog, ServerConfig.AccessLog config) { + this.accessLog = accessLog; this.remoteAddressHeaders = config.remoteAddressHeaders(); this.remotePortHeaders = config.remotePortHeaders(); } @@ -52,67 +50,83 @@ class AccessLogRequestLog extends AbstractLifeCycle implements org.eclipse.jetty @Override public void log(Request request, Response response) { try { - RequestLogEntry.Builder builder = new RequestLogEntry.Builder(); - - String peerAddress = request.getRemoteAddr(); - int peerPort = request.getRemotePort(); - long startTime = request.getTimeStamp(); - long endTime = System.currentTimeMillis(); - builder.peerAddress(peerAddress) - .peerPort(peerPort) - .localPort(getConnectorLocalPort(request)) - .timestamp(Instant.ofEpochMilli(startTime)) - .duration(Duration.ofMillis(endTime - startTime)) - .contentSize(response.getHttpChannel().getBytesWritten()) - .statusCode(response.getCommittedMetaData().getStatus()); - - addNonNullValue(builder, request.getMethod(), RequestLogEntry.Builder::httpMethod); - addNonNullValue(builder, request.getRequestURI(), RequestLogEntry.Builder::rawPath); - addNonNullValue(builder, request.getProtocol(), RequestLogEntry.Builder::httpVersion); - addNonNullValue(builder, request.getScheme(), RequestLogEntry.Builder::scheme); - addNonNullValue(builder, request.getHeader("User-Agent"), RequestLogEntry.Builder::userAgent); - addNonNullValue(builder, request.getHeader("Host"), RequestLogEntry.Builder::hostString); - addNonNullValue(builder, request.getHeader("Referer"), RequestLogEntry.Builder::referer); - addNonNullValue(builder, request.getQueryString(), RequestLogEntry.Builder::rawQuery); - - Principal principal = (Principal) request.getAttribute(ServletRequest.JDISC_REQUEST_PRINCIPAL); - addNonNullValue(builder, principal, RequestLogEntry.Builder::userPrincipal); - - String requestFilterId = (String) request.getAttribute(ServletRequest.JDISC_REQUEST_CHAIN); - addNonNullValue(builder, requestFilterId, (b, chain) -> b.addExtraAttribute("request-chain", chain)); - - String responseFilterId = (String) request.getAttribute(ServletRequest.JDISC_RESPONSE_CHAIN); - addNonNullValue(builder, responseFilterId, (b, chain) -> b.addExtraAttribute("response-chain", chain)); + AccessLogEntry accessLogEntry = Optional.ofNullable(request.getAttribute(JDiscHttpServlet.ATTRIBUTE_NAME_ACCESS_LOG_ENTRY)) + .map(AccessLogEntry.class::cast) + .orElseGet(AccessLogEntry::new); + + accessLogEntry.setRawPath(request.getRequestURI()); + String queryString = request.getQueryString(); + if (queryString != null) { + accessLogEntry.setRawQuery(queryString); + } - UUID connectionId = (UUID) request.getAttribute(JettyConnectionLogger.CONNECTION_ID_REQUEST_ATTRIBUTE); - addNonNullValue(builder, connectionId, (b, uuid) -> b.connectionId(uuid.toString())); + accessLogEntry.setUserAgent(request.getHeader("User-Agent")); + accessLogEntry.setHttpMethod(request.getMethod()); + accessLogEntry.setHostString(request.getHeader("Host")); + accessLogEntry.setReferer(request.getHeader("Referer")); + String peerAddress = request.getRemoteAddr(); + accessLogEntry.setIpV4Address(peerAddress); + accessLogEntry.setPeerAddress(peerAddress); String remoteAddress = getRemoteAddress(request); if (!Objects.equal(remoteAddress, peerAddress)) { - builder.remoteAddress(remoteAddress); + accessLogEntry.setRemoteAddress(remoteAddress); } + + int peerPort = request.getRemotePort(); + accessLogEntry.setPeerPort(peerPort); int remotePort = getRemotePort(request); if (remotePort != peerPort) { - builder.remotePort(remotePort); + accessLogEntry.setRemotePort(remotePort); + } + accessLogEntry.setHttpVersion(request.getProtocol()); + accessLogEntry.setScheme(request.getScheme()); + accessLogEntry.setLocalPort(getConnectorLocalPort(request)); + Principal principal = (Principal) request.getAttribute(ServletRequest.JDISC_REQUEST_PRINCIPAL); + if (principal != null) { + accessLogEntry.setUserPrincipal(principal); + } + X509Certificate[] clientCert = (X509Certificate[]) request.getAttribute(ServletRequest.SERVLET_REQUEST_X509CERT); + if (clientCert != null && clientCert.length > 0) { + accessLogEntry.setSslPrincipal(clientCert[0].getSubjectX500Principal()); + } + String sslSessionId = (String) request.getAttribute(ServletRequest.SERVLET_REQUEST_SSL_SESSION_ID); + if (sslSessionId != null) { + accessLogEntry.addKeyValue("ssl-session-id", sslSessionId); } + String cipherSuite = (String) request.getAttribute(ServletRequest.SERVLET_REQUEST_CIPHER_SUITE); + if (cipherSuite != null) { + accessLogEntry.addKeyValue("cipher-suite", cipherSuite); + } + String requestFilterId = (String) request.getAttribute(ServletRequest.JDISC_REQUEST_CHAIN); + if (requestFilterId != null) { + accessLogEntry.addKeyValue("request-chain", requestFilterId); + } + String responseFilterId = (String) request.getAttribute(ServletRequest.JDISC_RESPONSE_CHAIN); + if (responseFilterId != null) { + accessLogEntry.addKeyValue("response-chain", responseFilterId); + } + + long startTime = request.getTimeStamp(); + long endTime = System.currentTimeMillis(); + accessLogEntry.setTimeStamp(startTime); + accessLogEntry.setDurationBetweenRequestResponse(endTime - startTime); + accessLogEntry.setReturnedContentSize(response.getHttpChannel().getBytesWritten()); + accessLogEntry.setStatusCode(response.getCommittedMetaData().getStatus()); + LOGGED_REQUEST_HEADERS.forEach(header -> { String value = request.getHeader(header); if (value != null) { - builder.addExtraAttribute(header, value); + accessLogEntry.addKeyValue(header, value); } }); - AccessLogEntry accessLogEntry = (AccessLogEntry) request.getAttribute(JDiscHttpServlet.ATTRIBUTE_NAME_ACCESS_LOG_ENTRY); - if (accessLogEntry != null) { - var extraAttributes = accessLogEntry.getKeyValues(); - if (extraAttributes != null) { - extraAttributes.forEach(builder::addExtraAttributes); - } - addNonNullValue(builder, accessLogEntry.getHitCounts(), RequestLogEntry.Builder::hitCounts); - addNonNullValue(builder, accessLogEntry.getTrace(), RequestLogEntry.Builder::traceNode); + UUID connectionId = (UUID) request.getAttribute(JettyConnectionLogger.CONNECTION_ID_REQUEST_ATTRIBUTE); + if (connectionId != null) { + accessLogEntry.setConnectionId(connectionId.toString()); } - requestLog.log(builder.build()); + accessLog.log(accessLogEntry); } catch (Exception e) { // Catching any exceptions here as it is unclear how Jetty handles exceptions from a RequestLog. logger.log(Level.SEVERE, "Failed to log access log entry: " + e.getMessage(), e); @@ -146,11 +160,4 @@ class AccessLogRequestLog extends AbstractLifeCycle implements org.eclipse.jetty } } - private static <T> void addNonNullValue( - RequestLogEntry.Builder builder, T value, BiConsumer<RequestLogEntry.Builder, T> setter) { - if (value != null) { - setter.accept(builder, value); - } - } - } |