I like to have Spring Security log what's going so
logging.level.org.springframework.security=debug
is enabled.
However, when a user uses bad credentials or is not activated, each time an exception with about fifty lines of (uselesss) Stacktrace is logged.
I'd like to get only the exception
org.springframework.security.authentication.DisabledException: User is disabled
without stacktrace.If the logging level is set to info, there however is no log if there was an logging attempt at all.
Is that possible? - without disabling exceptions at all
Related
I'm very new to the spring boot..
I understood that Spring Boot uses Commons Logging for all internal logging.
logging.level.root=warn
logging.level.org.springframework.web=debug
logging.level.org.hibernate=error
after adding this into application.properties file, application logs all the output and exceptions in the console..
so I have a requirement to print the logs only when the system throws the error not for the success response..
so I have a requirement to print the logs only when the system throws the error not for the success response..
The implementation of this requirement IMO heavily depends on your system
From the word "response" I understand that you're working with some kind of controller (like in spring mvc). But the controller method is only an entry point to your backend.
What if the controller calls the service that logs something (message logA), then (after logging) it calls another service that again logs something (message logB) and then in turn calls, dao to call the datatbase?
If, say, DB threw an error, the logA and logB messages are already logged and you can't "take that back".
So, in general, you can log that there was an error by explicitly catching the exception in controller and logging the error, or using Controller advice to intercept and log the exceptions "globally".
When you reach the point where you log the message you can log it with severity, say, ERROR and the logging framework will log it as long as its configured to log messages of that level from that logger.
Using Spring boot 2.0.5. On application start occurs a exception with is logged 'ConfigServletWebServerApplicationContext : Exception encountered during context initialization'. But i need stacktrace. I was expecting stack trace will be logged later in SpringApplication.reportFailure '"Application run failed"'. But spring boot calls before this method ServletWebServerApplicationContext.stopAndReleaseWebServer and its seems that after this call any logging does not work anymore.
this can be related to your issue: spring boot discussion
spring boot github issue
You can also debug SpringApplication#reportFailure in the end (after catch (throwable)) it has generic logging of any error:
logger.error("Application run failed", ex)
In my case I had the logger from commons-logging which prevented logging to happen.
We have JTA transactions(Atomikos) configured using Spring annotations across different places in our application. I need to get trace logs whenever a transaction started and completed.
For example, whenever the below method invoked within a new transaction,
#Transactional
void createAgent() { ... }
I need to log a message saying
Transaction started on AgentFactory::createAgent() ...
Transaction ended on AgentFactory::createAgent() ...
Can you please provide if there is any way to enable trace logging on transactions?
If you set loglevel to DEBUG or TRACE for org.springframework.transaction
you get the log entries you want. May be not in the exact format, but the information is provided.
I'm using Spring Security (4.0.1) and Spring Social (1.1.2) to implement authentication to a Spring MVC application using either a Form of using an existing facebook account. Form authentication is working perfectly. However, facebook authentication is not working.
As far as I can see, I've setup the pieces needed to make this work:
created a class that implements SocialConfigurer, adding the facebook connection factory, useridsource (existing AuthenticationNameUserIdSource) and usersconnectionrepository (custom made for use with OrientDB)
Added a line to apply SpringSocialConfigurer in my WebSecurityConfigurerAdapter
Added a SocialUserDetailsService bean
This seems to be working for the most part, but the authentication is not completed. When calling /auth/facebook, the following happens:
redirect to facebook.com oauth (login mechanism)
callback to /auth/facebook on my application, with a lengthy code variable and state variable
redirect to my defaultFailureUrl, without warning, error or any message in log or request variables
So there is something going wrong, but I can't determine what or where exactly.
I've tried to set logging for org.springframework.social to FINEST, but that doesn't show any messages.
Does anyone have any tips how to determine the cause of this failure to complete authentication using facebook?
Thanks in advance,
Sem
I found the answer to my question, I had to configure log4j correctly in order to receive all of Spring's log messages in my default server log.
These log messages helped me to determine the issue at hand: my app signature had been changed. Quite an awkward issue to be stuck with for a long time ..
Hope this helps someone else struggling with Spring issues, make sure you have log4j included in your project, create a log4j properties file and make sure it is available to your container.
For me the following configuration worked:
log4j.rootLogger=INFO, console
log4j.appender.console=org.apache.log4j.ConsoleAppender
log4j.appender.console.layout=org.apache.log4j.PatternLayout
log4j.appender.console.layout.conversionPattern=%5p [%t] (%F:%L) - %m%n
I put it in the domain config for my glassfish domain, and added it to the JVM options using the Dlog4j.configuration property.
Regards,
Sem
I'm trying to debug why certain handlers in one of my controllers is not invoked by Spring's AnnotationMethodHandlerAdapter. I don't get any errors in Netbeans, just a 404 in the browser. I tried placing a breakpoint in one of my working controllers/handlers then walking up the chain to place a breakpoint in the dispatcher.
Netbeans shows me some funny method bodies:
protected ModelAndView invokeHandlerMethod(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception
{
//compiled code
throw new RuntimeException("Compiled Code");
}
which I suspect is caused by the AOP magiq. Undeterred, I tried to configure log4j to trace the calls and display any messages logged at debug level from the org.springframework.web.servlet.mvc.annotation package, but just by creating a log4j.properties file and putting in the classpath I get nothing more than the default "INFO:" level messages. Adding the context-param and listener in web.xml fails because the container can't find the log4j classes, even though they are there and even though I can add them again to the project.
So, the question is -- what do I need to do to get method traces (this could be done through AOP) and enhanced debugging (this definitely needs log4j) under Spring 3.0?
If I'm not mistaken Spring 3.X uses SLF4J for logging. Usually you would need to add SLF4J binding for your logging framework of choice - for example, for log4, slf4j-log4j12 jar should be present in classpath as well as log4j.jar and they better be proper versions - I found SLF4J to be picky about that. See more details here. Also don't forget log4j.xml config.