[gateway] How to view the payload and http header information?

[kkatta]

I need to debug the payload and headers that is being applied after every policy enforcement across the policy chain. Where can I set the server logs to view the same? I tried using logging policy but not sure where it is being written?

Thanks Kishore

[brasseld]

Hi @kkatta,

The only way to debug after every policy is by using the logging policy. By doing so, logs are written into the gravitee.log file.

You can also activate Dump HTTP requests in your API's gateway configuration:

When enabled, you can have a look to logs from gravitee-httpdump.log file.

[NicolasGeraud]

hi @kkatta is it ok for you? Can I close this issue ?

[kkatta]

Yes Nicolas we can close the issue. I am able to see the log dump. However, just wondering why the logs are not capturing the http headers?

Thanks

---

From: Nicolas Géraud notifications@github.com Sent: Monday, March 6, 2017 1:53:59 PM To: gravitee-io/issues Cc: kkatta; Mention Subject: Re: [gravitee-io/issues] [gateway] How to view the payload and http header information? (#477)

hi @kkattahttps://github.com/kkatta is it ok for you? Can I close this issue ?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/gravitee-io/issues/issues/477#issuecomment-284330965, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AA7AbpgO1Dp-N3nPqmjbgMExLKZQy4Fyks5ri8KfgaJpZM4MTdOK.

[brasseld]

When you say:

However, just wondering why the logs are not capturing the http headers?

You mean the logging policy ? or the log dump ?

[kkatta]

Two things:

1. I mean for the logging policy I am not able to see http headers information.
2. The oauth policy applied will validate the token authenticity which is an API call to the authorization server. I don't see the request/response to/from authorization server getting captured as part of logging policy and http dumps

[brasseld]

1. I mean for the logging policy I am not able to see http headers information.

See https://github.com/gravitee-io/issues/issues/481

2. The oauth policy applied will validate the token authenticity which is an API call to the authorization server. I don't see the request/response to/from authorization server getting captured as part of logging policy and http dumps

I agree that we must be able to trace HTTP requests / responses to authorization server. What I'm not sure is that, IMHO, these logs must no be part of the gateway.log and I think it will be more convenient to use a dedicated log file, something like oauth2-httpdump.log. WDYT ?