kwwall
commented
2 years ago @jeremiahjstacey - Any ideas? @vpalli-bnym - Can you please specify what versions of Eclipse, SLF4J and especially, the version of logback-classic that you are using. Thanks.
Closed vpalli-bnym closed 2 years ago
kwwall
commented
2 years ago @jeremiahjstacey - Any ideas? @vpalli-bnym - Can you please specify what versions of Eclipse, SLF4J and especially, the version of logback-classic that you are using. Thanks.
vpalli-bnym
commented
2 years ago @kwwall, here are the details. Eclipse : Version: 2021-06 (4.20.0), Build id: 20210612-2011 SLF4J: 1.7.36 LOGBACK: 1.2.11
xeno6696
commented
2 years ago Dumb question @vpalli-bnym but did you hit "F5" on the project in the project explorer? In my experience Eclipse has never done auto-updates against the file system.
xeno6696
commented
2 years ago And when you build your project via the command line, does it work fine there? (i.e. if you do mvn test does it build the files as expected?
vpalli-bnym
commented
2 years ago Build is working fine, I'm able to build my application and also able to run the application. The issue is with the logging. Console logging works fine but the logback --> fileappender doesn't work after switching to ESAPI.
vpalli-bnym
commented
2 years ago I reimported the project again. That should have pulled in the latest changes from filesystem. Even after that it didn't generate the log files.
jeremiahjstacey
commented
2 years ago I'm a little late to the party, my apologies.
By the end of the week I will try to update my eclipse instance to replicate your configuration.
I suspect that eclipse doesn't like the relative path in the logback configuration or the eclipse context cannot generate the 'logs' directory.
The nine tests below I believe will work to clarify and isolate the problem, as well as verify my assumptions. @vpalli-bnym, if you have time to run through these before me please lmk your findings. I've listed out the Intellij tests as well as a component of verification, but I will not be testing that aspect in my effort.
Part 1 With a project updated to use ESAPI, SLF4JLogFactory, and the Logback configuration from the description...
Part 2
Part 3
Update the file path to be an absolute path rather than a relative path
EG: <file>C:/logs/test.log</file>
C:/logs exists on my system, then proceed with the tests below.
jeremiahjstacey
commented
2 years ago I found time tonight (surprising).
I believe the problem is your file path. Remove the leading slash /logs/test.log -> log/test.log
What I did: (In the ESAPI Baseline)
in test/resources, create a file named logback.xml and insert the following content
<configuration>
<appender name="NAS" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>logs/test.log</file>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<!-- daily rollover. Make sure the path matches the one in the file element
or else the rollover logs are placed in the working directory. -->
<fileNamePattern>/logs/test_%d{yyyy-MM-dd}.%i.gz</fileNamePattern>
<timeBasedFileNamingAndTriggeringPolicy
class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
<maxFileSize>10MB</maxFileSize>
</timeBasedFileNamingAndTriggeringPolicy>
<!-- keep 30 days' worth of history -->
<maxHistory>15</maxHistory>
</rollingPolicy>
<encoder>
<charset>UTF-8</charset>
<Pattern>%d{yyyy-MM-dd HH:mm:ss} ${AE_HOST_IP} ${PID:- } %p --- [%t]
%-40.40logger{5} : %m%n</Pattern>
</encoder>
</appender>5. Add the `logback-classic` dependency to the esapi project pom
``` <dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.2.11</version>
<scope>test</scope>
</dependency>
</dependencies>
If it needs to be in the test directory, then update the relative path in the config.
jeremiahjstacey
commented
2 years ago Given testing, I believe this is a n environment-specific configuration problem and not an issue with the ESAPI library.
This task should be reopened if a use case can be defined that shows an error in how ESAPI interacts with the SLF4J API.
Describe the bug It is an existing project, we were using log4j for logging before. We are recently working on moving to ESAPI. The issue is : We have logs written to file system. When working with IntelliJ, I'm able to successfully implement ESAPI and the logs are successfully getting generated. But when I use the same setup with eclipse 2021-06, it is printing the logs to console but the log file is not getting updated.
*Specify what ESAPI version(s) you are experiencing this bug in Working with 2.3.0.0
To Reproduce
<?xml version="1.0" encoding="UTF-8"?>
ESAPI.Executor=org.owasp.esapi.reference.DefaultExecutor ESAPI.HTTPUtilities=org.owasp.esapi.reference.DefaultHTTPUtilities ESAPI.IntrusionDetector=org.owasp.esapi.reference.DefaultIntrusionDetector ESAPI.Logger=org.owasp.esapi.logging.slf4j.Slf4JLogFactory ESAPI.Randomizer=org.owasp.esapi.reference.DefaultRandomizer ESAPI.Validator=org.owasp.esapi.reference.DefaultValidator
Logger.ApplicationName=test Logger.LogEncodingRequired=false Logger.LogApplicationName=false Logger.LogServerIP=false Logger.UserInfo=false Logger.ClientInfo=false
Validation.properties Validator.SafeString=^[.\p{Alnum}\p{Space}]{0,1024}$ Validator.Email=^[A-Za-z0-9.%'-]+@[A-Za-z0-9.-]+\.[a-zA-Z]{2,4}$ Validator.IPAddress=^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ Validator.URL=^(ht|f)tp(s?)\:\/\/0-9a-zA-Z(:(0-9))*(\/?)([a-zA-Z0-9\-\.\?\,\:\'\/\\\+=&;%\$#]*)?$
In the ECLIPSE version we are working on: It is not generating the logfile as expected.
Expected behavior Generate Log file under the test folder.
Screenshots If applicable, add screenshots to help explain your problem. [NOTE: Please do NOT just ask general questions here as they will not be answered. Instead, please use the GitHub Discussions and create a new topic under 'Questions and Answers". Please delete any irrelevant portion of this template before submitting your GitHub issue. Thanks.]
Platform environment (please complete the following information):