search

georchestra / mapstore2-georchestra

geOrchestra newest viewer
Other
6 stars 23 forks source link

super verbose rest queries logging by default when using the WAR #586

Closed landryb closed 1 year ago

landryb commented 1 year ago

Describe the bug something i've seen on production since updating https://ids.craig.fr/mapstore/ from 1.3.0 to 2022.01, i had about 10Mb/days of logs in tomcat's catalina.log. Also seeing it on another instance with 2022.02.xx.

The log is filled with apache CXF framework logs dumping requests & replies headers and bodies/payload:

<6>Inbound Message
----------------------------
ID: 6
Address: http://georchestra.dev.craig.fr/mapstore/rest/geostore/session/login
Encoding: ISO-8859-1
Http-Method: POST
Content-Type: application/x-www-form-urlencoded
Headers: {Accept=[application/json, text/plain, */*], accept-encoding=[gzip, deflate, br], accept-language=[fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3], connection=[Keep-Alive], Content-Length=[0], content-type=[application/x-www-form-urlencoded], cookie=[], host=[localhost:8280], origin=[https://georchestra.dev.craig.fr], referer=[https://georchestra.dev.craig.fr/mapstore/], sec-proxy=[true], user-agent=[Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0], x-forwarded-for=[10.10.10.60, 10.0.7.1], x-forwarded-host=[georchestra.dev.craig.fr, georchestra.dev.craig.fr], x-forwarded-port=[443], x-forwarded-proto=[https], x-forwarded-server=[georchestra.dev.craig.fr], x-real-ip=[10.10.10.60]}
--------------------------------------
<6>Outbound Message
---------------------------
ID: 6
Response-Code: 403
Content-Type: application/json
Headers: {Cache-Control=[no-cache], Expires=[-1], Date=[Mon, 02 Jan 2023 13:06:41 GMT], Content-Length=[0]}
...

--------------------------------------
<6>Inbound Message
----------------------------
ID: 2
Address: http://georchestra.dev.craig.fr/mapstore/rest/geostore/users/user/details?includeattributes=true
Http-Method: GET
Content-Type: 
Headers: {Accept=[application/json, text/plain, */*], accept-encoding=[gzip, deflate, br], accept-language=[fr,en-US;q=0.7,en;q=0.3], connection=[Keep-Alive], Content-Type=[null], cookie=[sessionExpiry=1644918282308; serverTime=1645522859668; DISSESSION=2c9f615e-26a8-43b2-9b45-ead5ea173955], dnt=[1], host=[localhost:8280], referer=[https://georchestra.dev.craig.fr/mapstore/], sec-email=[admin@craig.fr], sec-firstname=[Test], sec-lastname=[ADMIN], sec-org=[psc], sec-orgname=[Project Steering Committee], sec-proxy=[true], sec-roles=[ROLE_SUPERUSER;ROLE_MAPSTORE_ADMIN;ROLE_USER;ROLE_ADMINISTRATOR;ROLE_CAD_CNIL2;ROLE_GN_ADMIN;ROLE_DRIVE;ROLE_DRIVE_2], sec-tel=[tel], sec-username=[testadmin], user-agent=[Mozilla/5.0 (X11; OpenBSD amd64; rv:100.0) Gecko/20100101 Firefox/100.0], x-forwarded-for=[10.10.10.10, 10.0.7.1], x-forwarded-host=[georchestra.dev.craig.fr, georchestra.dev.craig.fr], x-forwarded-port=[443], x-forwarded-proto=[https], x-forwarded-server=[georchestra.dev.craig.fr], x-real-ip=[10.10.10.10]}
--------------------------------------
<6>Outbound Message
---------------------------
ID: 2
Response-Code: 200
Content-Type: application/json
Headers: {Cache-Control=[no-cache], Expires=[-1], Content-Type=[application/json], Date=[Fri, 22 Apr 2022 10:21:07 GMT]}
Payload: {"User":{"enabled":true,"groups":{"group":[{"enabled":true,"groupName":"DRIVE","id":7},{"enabled":true,"groupName":"MAPSTORE_ADMIN","id":2},{"enabled":true,"groupName":"CAD_CNIL2","id":5},{"enabled":true,"groupName":"GN_ADMIN","id":6},{"enabled":true,"groupName":"USER","id":3},{"enabled":true,"groupName":"ADMINISTRATOR","id":4},{"enabled":true,"groupName":"DRIVE_2","id":8},{"enabled":true,"groupName":"SUPERUSER","id":1},{"enabled":true,"groupName":"everyone","id":9}]},"id":-1,"name":"testadmin","role":"ADMIN"}}

since it contains payloads/json replies too, it can become very large with maps/contexts and base64-encoded images.

after investigating it, it's totally independent from the webapps' log4j configuration. And after digging more, it seems to be caused by the presence in the webapp of a file named WEB-INF/classes/META-INF/cxf/org.apache.cxf.Logger containing the org.apache.cxf.common.logging.Log4jLogger string, which apparently changes the default logger for CXF per https://cxf.apache.org/javadoc/latest/org/apache/cxf/common/logging/LogUtils.html

i've looked in the Mapstore and mapstore2-georchestra repositories and haven't found what generates that file in the resulting webapp, but that's an issue for two reasons:

apparently it's used by the geostore module ? In the meantime i've removed WEB-INF/classes/META-INF/cxf/org.apache.cxf.Logger in the deployed webapp but that's only a workaround since the war still contains it...

landryb commented 1 year ago

file comes from https://github.com/geosolutions-it/geostore/blob/110018b03f8f7f7ab8f2be0a3c59b1cedadd9b50/src/web/app/src/main/resources/META-INF/cxf/org.apache.cxf.Logger and should be excluded when packaging ms2.war