Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Virgo » Enabling DEBUG logging in spring security classes(Enabling DEBUG logging in spring security classes)
Enabling DEBUG logging in spring security classes [message #1219763] Thu, 05 December 2013 17:05 Go to next message
Raghuram Devarakonda is currently offline Raghuram Devarakonda
Messages: 11
Registered: November 2012
Junior Member

Hi,

I have added the following to serviceability.xml to enable logging in spring security code.

<logger level="DEBUG" additivity="false" name="org.springframework.security">
        <appender-ref ref="SIFTED_LOG_FILE" />
        <appender-ref ref="LOG_FILE" />
</logger>


Unfortunately, this doesn't seem to do the trick. I don't see any DEBUG messages from spring security classes. Is there any other configuration I need to modify? Any help is greatly appreciated.

I am using Virgo 3.5.0 and spring-security 3.1.4.

Thanks,
Raghu
Re: Enabling DEBUG logging in spring security classes [message #1219838 is a reply to message #1219763] Fri, 06 December 2013 08:50 Go to previous messageGo to next message
Florian Waibel is currently offline Florian Waibel
Messages: 96
Registered: June 2010
Member
Hi Raghu,

with your snippet I do get DEBUG and INFO messages:

[2013-12-06 09:30:26.471] DEBUG start-signalling-1           .s.s.w.a.e.ExpressionBasedFilterInvocationSecurityMetadataSource  Adding web access control expression 'hasRole('ROLE_USER')', for Ant [pattern='/forms/**']
[2013-12-06 09:30:26.472] DEBUG start-signalling-1           .s.s.w.a.e.ExpressionBasedFilterInvocationSecurityMetadataSource  Adding web access control expression 'permitAll', for Ant [pattern='/']
[2013-12-06 09:30:26.472] DEBUG start-signalling-1           o.s.security.web.access.intercept.FilterSecurityInterceptor       Validated configuration attributes
[2013-12-06 09:30:26.474] INFO  start-signalling-1           org.springframework.security.web.DefaultSecurityFilterChain       Creating filter chain: org.springframework.security.web.util.AnyRequestMatcher@1, [org.springframework.security.web.context.SecurityContextPersistenceFilter@144edb15, org.springframework.security.web.authentication.logout.LogoutFilter@45114a1d, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@7218d957, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@3d651946, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@385e6227, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@3c7e0b5a, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@771b60bc, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@266c13bb, org.springframework.security.web.session.SessionManagementFilter@1836db2, org.springframework.security.web.access.ExceptionTranslationFilter@5b96c1e4, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@6938eb6]
[2013-12-06 09:30:26.480] INFO  start-signalling-1           o.s.security.config.http.DefaultFilterChainValidator              Checking whether login URL '/spring_security_login' is accessible with your configuration
[2013-12-06 09:30:26.482] DEBUG start-signalling-1           o.s.security.config.http.DefaultFilterChainValidator              Default generated login page is in use


Please note the various types of abbreviations for types with long names and lots of packages:


  • org.springframework.security.web.DefaultSecurityFilterChain
  • o.s.security.web.access.intercept.FilterSecurityInterceptor
  • .s.s.w.a.e.ExpressionBasedFilterInvocationSecurityMetadataSource


Regards,
florian
Re: Enabling DEBUG logging in spring security classes [message #1219903 is a reply to message #1219838] Fri, 06 December 2013 15:09 Go to previous messageGo to next message
Raghuram Devarakonda is currently offline Raghuram Devarakonda
Messages: 11
Registered: November 2012
Junior Member

Thanks. I will double check but I didn't see any debug messages, in particular from spring security ACL classes.
Re: Enabling DEBUG logging in spring security classes [message #1219997 is a reply to message #1219903] Sun, 08 December 2013 21:37 Go to previous messageGo to next message
Raghuram Devarakonda is currently offline Raghuram Devarakonda
Messages: 11
Registered: November 2012
Junior Member

Just to update, I have done some reflection hackery to access the "logger" field of the following two classes.

- org.springframework.jdbc.core.JdbcTemplate
- org.springframework.security.acls.AclPermissionEvaluator

Both logger objects are of type "org.apache.commons.logging.impl.Jdk14Logger" but logger.isDebugEnabled() returns true for JdbcTemplate while the same call for AclpermissionEvaluator returns false. So I could see DEBUG messages from JdbcTemplate but there were no debug messages from either AclPermissionEvaluator or any other ACL classes.

For some reason, the debug level logger configuration in serviceability.xml is not taking effect for Acl classes.

If there is any one out there using spring security ACL with Virgo, can you please enable debug level as mentioned in the original post and see if you are seeing any DEBUG messages?

Thanks,
Raghu


Re: Enabling DEBUG logging in spring security classes [message #1219998 is a reply to message #1219997] Sun, 08 December 2013 21:37 Go to previous messageGo to next message
Raghuram Devarakonda is currently offline Raghuram Devarakonda
Messages: 11
Registered: November 2012
Junior Member

I should have mentioned in my earlier post that I enabled DEBUG for "org.springframework".
Re: Enabling DEBUG logging in spring security classes [message #1220405 is a reply to message #1219838] Wed, 11 December 2013 14:34 Go to previous messageGo to next message
Raghuram Devarakonda is currently offline Raghuram Devarakonda
Messages: 11
Registered: November 2012
Junior Member

It turns out the problem was with subclassing AclPermissionEvaluator. With the subclass in place, AclPermissionEvaluator's logger was not seeing the debug level configuration. When I switched to using it directly, debug was enabled and I could see the debug log messages in Virgo's log.

It is not clear to me why the subclass should cause problems with logging here, though.

Thanks,
Raghu
Re: Enabling DEBUG logging in spring security classes [message #1220504 is a reply to message #1220405] Thu, 12 December 2013 09:00 Go to previous messageGo to next message
Florian Waibel is currently offline Florian Waibel
Messages: 96
Registered: June 2010
Member
I guess your subclass resides in a different package. In this case you will have to update your log configuration to enable logging for your own code.
Re: Enabling DEBUG logging in spring security classes [message #1220580 is a reply to message #1220504] Thu, 12 December 2013 15:50 Go to previous message
Raghuram Devarakonda is currently offline Raghuram Devarakonda
Messages: 11
Registered: November 2012
Junior Member

This did occur to me and I enabled DEBUG for the my subclass's package. How ever, it didn't help.
Previous Topic:How to verify Application are Deployed
Next Topic:Equinox based War to Virgo plan
Goto Forum:
  


Current Time: Fri Sep 19 22:10:19 GMT 2014

Powered by FUDForum. Page generated in 0.10487 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software