Logging using Spring MVC Handler Interceptor (#549)

* Expression-Based Access Control PermitAll, hasRole, hasAnyRole etc. I modified classes regards to Security * Added test cases for Spring Security Expressions * Handler Interceptor - logging example
2016-08-09 21:50:45 -07:00 · 2016-08-09 21:50:45 -07:00 · 87d260ce46
parent 95e81d9aed
commit 87d260ce46
3 changed files with 84 additions and 0 deletions
--- a/spring-security-rest-full/src/main/java/org/baeldung/spring/WebConfig.java
+++ b/spring-security-rest-full/src/main/java/org/baeldung/spring/WebConfig.java
@ -1,10 +1,12 @@
 package org.baeldung.spring;

+import org.baeldung.web.interceptor.LoggerInterceptor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.ViewResolver;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
 import org.springframework.web.servlet.view.InternalResourceViewResolver;
@ -35,4 +37,8 @@ public class WebConfig extends WebMvcConfigurerAdapter {
 		registry.addViewController("/homepage.html");
 	}

+	@Override
+	public void addInterceptors(final InterceptorRegistry registry) {
+		registry.addInterceptor(new LoggerInterceptor());
+	}
 }
--- a/spring-security-rest-full/src/main/java/org/baeldung/web/interceptor/LoggerInterceptor.java
+++ b/spring-security-rest-full/src/main/java/org/baeldung/web/interceptor/LoggerInterceptor.java
@ -0,0 +1,74 @@
+package org.baeldung.web.interceptor;
+
+import java.util.Enumeration;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+import com.google.common.base.Strings;
+
+public class LoggerInterceptor extends HandlerInterceptorAdapter {
+
+	private static Logger log = LoggerFactory.getLogger(LoggerInterceptor.class);
+
+	/** Executed before actual handler is executed **/
+	@Override
+	public boolean preHandle(final HttpServletRequest request, final HttpServletResponse response, final Object handler) throws Exception {
+		log.info("[preHandle][" + request + "]" + "[" + request.getMethod() + "]" + request.getRequestURI() + getParameters(request));
+		return true;
+	}
+
+	/** Executed before after handler is executed **/
+	@Override
+	public void postHandle(final HttpServletRequest request, final HttpServletResponse response, final Object handler,
+			final ModelAndView modelAndView) throws Exception {
+		log.info("[postHandle][" + request + "]");
+	}
+
+	/** Executed after complete request is finished **/
+	@Override
+	public void afterCompletion(final HttpServletRequest request, final HttpServletResponse response, final Object handler, final Exception ex)
+			throws Exception {
+		if (ex != null)
+			ex.printStackTrace();
+		log.info("[afterCompletion][" + request + "][exception: " + ex + "]");
+	}
+
+	private String getParameters(final HttpServletRequest request) {
+		final StringBuffer posted = new StringBuffer();
+		final Enumeration<?> e = request.getParameterNames();
+		if (e != null)
+			posted.append("?");
+		while (e.hasMoreElements()) {
+			if (posted.length() > 1)
+				posted.append("&");
+			final String curr = (String) e.nextElement();
+			posted.append(curr + "=");
+			if (curr.contains("password") || curr.contains("answer") || curr.contains("pwd")) {
+				posted.append("*****");
+			} else {
+				posted.append(request.getParameter(curr));
+			}
+		}
+
+		final String ip = request.getHeader("X-FORWARDED-FOR");
+		final String ipAddr = (ip == null) ? getRemoteAddr(request) : ip;
+		if (!Strings.isNullOrEmpty(ipAddr))
+			posted.append("&_psip=" + ipAddr);
+		return posted.toString();
+	}
+
+	private String getRemoteAddr(final HttpServletRequest request) {
+		final String ipFromHeader = request.getHeader("X-FORWARDED-FOR");
+		if (ipFromHeader != null && ipFromHeader.length() > 0) {
+			log.debug("ip from proxy - X-FORWARDED-FOR : " + ipFromHeader);
+			return ipFromHeader;
+		}
+		return request.getRemoteAddr();
+	}
+}
--- a/spring-security-rest-full/src/main/resources/webSecurityConfig.xml
+++ b/spring-security-rest-full/src/main/resources/webSecurityConfig.xml
@ -32,5 +32,9 @@
    </authentication-manager>

    <global-method-security pre-post-annotations="enabled"/>
+    
+<!--     <mvc:interceptors>
+		<bean id="loggerInterceptor" class="org.baeldung.web.interceptor.LoggerInterceptor" />
+	</mvc:interceptors> -->

 </beans:beans>