Logging using Spring MVC Handler Interceptor (#549)

* Expression-Based Access Control

PermitAll, hasRole, hasAnyRole etc.
I modified classes regards to Security

* Added test cases for Spring Security Expressions

* Handler Interceptor - logging example
This commit is contained in:
maibin 2016-08-09 21:50:45 -07:00 committed by Grzegorz Piwowarek
parent 95e81d9aed
commit 87d260ce46
3 changed files with 84 additions and 0 deletions

View File

@ -1,10 +1,12 @@
package org.baeldung.spring; package org.baeldung.spring;
import org.baeldung.web.interceptor.LoggerInterceptor;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.ViewResolver; import org.springframework.web.servlet.ViewResolver;
import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.springframework.web.servlet.view.InternalResourceViewResolver; import org.springframework.web.servlet.view.InternalResourceViewResolver;
@ -35,4 +37,8 @@ public class WebConfig extends WebMvcConfigurerAdapter {
registry.addViewController("/homepage.html"); registry.addViewController("/homepage.html");
} }
@Override
public void addInterceptors(final InterceptorRegistry registry) {
registry.addInterceptor(new LoggerInterceptor());
}
} }

View File

@ -0,0 +1,74 @@
package org.baeldung.web.interceptor;
import java.util.Enumeration;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import com.google.common.base.Strings;
public class LoggerInterceptor extends HandlerInterceptorAdapter {
private static Logger log = LoggerFactory.getLogger(LoggerInterceptor.class);
/** Executed before actual handler is executed **/
@Override
public boolean preHandle(final HttpServletRequest request, final HttpServletResponse response, final Object handler) throws Exception {
log.info("[preHandle][" + request + "]" + "[" + request.getMethod() + "]" + request.getRequestURI() + getParameters(request));
return true;
}
/** Executed before after handler is executed **/
@Override
public void postHandle(final HttpServletRequest request, final HttpServletResponse response, final Object handler,
final ModelAndView modelAndView) throws Exception {
log.info("[postHandle][" + request + "]");
}
/** Executed after complete request is finished **/
@Override
public void afterCompletion(final HttpServletRequest request, final HttpServletResponse response, final Object handler, final Exception ex)
throws Exception {
if (ex != null)
ex.printStackTrace();
log.info("[afterCompletion][" + request + "][exception: " + ex + "]");
}
private String getParameters(final HttpServletRequest request) {
final StringBuffer posted = new StringBuffer();
final Enumeration<?> e = request.getParameterNames();
if (e != null)
posted.append("?");
while (e.hasMoreElements()) {
if (posted.length() > 1)
posted.append("&");
final String curr = (String) e.nextElement();
posted.append(curr + "=");
if (curr.contains("password") || curr.contains("answer") || curr.contains("pwd")) {
posted.append("*****");
} else {
posted.append(request.getParameter(curr));
}
}
final String ip = request.getHeader("X-FORWARDED-FOR");
final String ipAddr = (ip == null) ? getRemoteAddr(request) : ip;
if (!Strings.isNullOrEmpty(ipAddr))
posted.append("&_psip=" + ipAddr);
return posted.toString();
}
private String getRemoteAddr(final HttpServletRequest request) {
final String ipFromHeader = request.getHeader("X-FORWARDED-FOR");
if (ipFromHeader != null && ipFromHeader.length() > 0) {
log.debug("ip from proxy - X-FORWARDED-FOR : " + ipFromHeader);
return ipFromHeader;
}
return request.getRemoteAddr();
}
}

View File

@ -32,5 +32,9 @@
</authentication-manager> </authentication-manager>
<global-method-security pre-post-annotations="enabled"/> <global-method-security pre-post-annotations="enabled"/>
<!-- <mvc:interceptors>
<bean id="loggerInterceptor" class="org.baeldung.web.interceptor.LoggerInterceptor" />
</mvc:interceptors> -->
</beans:beans> </beans:beans>