ID-4318: Filtrer vekk logging av statiske resurser (#106)

* Bump org.apache.maven.plugins:maven-source-plugin from 3.3.0 to 3.3.1

Bumps [org.apache.maven.plugins:maven-source-plugin](https://github.com/apache/maven-source-plugin) from 3.3.0 to 3.3.1.
- [Commits](apache/maven-source-plugin@maven-source-plugin-3.3.0...maven-source-plugin-3.3.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-source-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Static resources are now filtered by checking what handler mapping was used to process the request.
* Added config setting to also filter against a list of paths
* Moved "enable" config setting to digdir.access.logging.enabled
* Uses standard tomcat properties for enabling or disabling logging.

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anne Marte Hjemås <[email protected]>
Co-authored-by: Kim Taavo <[email protected]>

README.md

@@ -36,7 +36,7 @@ Or, for Spring Boot 3:
 <dependency>
     <groupId>no.idporten.logging</groupId>
     <artifactId>idporten-access-log-spring-boot-3-starter</artifactId>
-    <version>2.0.2</version>
+    <version>2.3.4</version>
 </dependency>
 ```
 
@@ -77,20 +77,24 @@ spring:
     environment: current-running-environment
 ```
 
-If you want to disable the Tomcat access logging completely, e.g. for local development, you can set the following property:
+The library uses the standard tomcat accesslog property for enabling or disabling logging:
 ```yaml
-tomcat:
-  accesslog: disabled
+server:
+  tomcat:
+    accesslog:
+      enabled: true # default is true if not set
 ```
-Set this property to 'enabled' or remove completely to enable Tomcat access logging.
 
 Use your own logback-access.xml file or configure debug-logging:
 ```yaml
 digdir:
   access:
     logging:
-      debug-level: request
+      debug-level: request # [request|response],  default config if not set or null
       config-file: my-logback.xml # will override debug setting
+      filtering:
+        static-resources: true # filters out static resources. default is true
+        paths: /config.json, /.well-known # comma-separated list of paths to filter out. Matches paths using .startsWith(). Default is empty. 
 ```
 USE EITHER `debug-level` OR `config-file`, not both.
 Valid values for debug-level are: 

idporten-access-log-spring-boot-3-starter/src/main/java/no/idporten/logging/access/AccessLogsConfiguration.java

@@ -10,6 +10,8 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
+import java.util.List;
+
 @Configuration
 @EnableConfigurationProperties(AccessLogsProperties.class)
 public class AccessLogsConfiguration {
@@ -32,9 +34,18 @@ public static AccessLogsProperties getProperties() {
     @Value("${digdir.access.logging.debug-level:}")
     String debugLevel;
 
+    @Value("${digdir.access.logging.filtering.static-resources:true}")
+    boolean filterStaticResources;
+
+    @Value("${digdir.access.logging.filtering.paths:}")
+    List<String> filterPaths;
+
+    @Value("${tomcat.accesslog:}")
+    String deprecatedTomcatAccessLogProperty;
+
 
     @Bean
-    @ConditionalOnProperty(prefix = "tomcat", name = "accesslog", havingValue = "enabled", matchIfMissing = true)
+    @ConditionalOnProperty(name = "server.tomcat.accesslog.enabled", havingValue = "true", matchIfMissing = true)
     public WebServerFactoryCustomizer<TomcatServletWebServerFactory> accessLogsCustomizer(AccessLogsProperties props) {
         if (properties == null) {
             properties = props;
@@ -43,10 +54,16 @@ public WebServerFactoryCustomizer<TomcatServletWebServerFactory> accessLogsCusto
 
         LoggerFactory.getLogger(AccessLogsConfiguration.class).info("Initialize accessLogsCustomizer for Tomcat Access Logging as JSON. Use config-file: " + logbackConfigFile);
 
+        if(deprecatedTomcatAccessLogProperty != null && !deprecatedTomcatAccessLogProperty.equals("enabled")) { // deprecated property is set, and set to something else than 'enabled'
+            LoggerFactory.getLogger(AccessLogsConfiguration.class).warn("Property 'tomcat.accesslog' is deprecated. Use 'server.tomcat.accesslog.enabled=false' instead.");
+        }
+
         return factory -> {
             var logbackValve = new LogbackValve();
             logbackValve.setFilename(logbackConfigFile);
             logbackValve.setAsyncSupported(true);
+            logbackValve.setFilterStaticResources(filterStaticResources);
+            logbackValve.setFilterPaths(filterPaths);
             factory.addContextValves(logbackValve);
         };
     }

idporten-access-log-spring-boot-3-starter/src/main/java/no/idporten/logging/access/tomcat/LogbackValve.java

@@ -36,6 +36,8 @@
 import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
 import org.apache.catalina.valves.ValveBase;
+import org.springframework.web.servlet.HandlerMapping;
+import org.springframework.web.servlet.resource.ResourceHttpRequestHandler;
 
 import java.io.File;
 import java.io.IOException;
@@ -96,6 +98,17 @@ public class LogbackValve extends ValveBase
 
     private ScheduledExecutorService scheduledExecutorService;
 
+    private boolean filterStaticResources = true;
+    public void setFilterStaticResources(boolean filterStaticResources) {
+        this.filterStaticResources = filterStaticResources;
+    }
+
+    private List<String> filterPaths = null;
+    public void setFilterPaths(List<String> filterPaths) {
+        this.filterPaths = filterPaths;
+    }
+
+
     public LogbackValve() {
         putObject(CoreConstants.EVALUATOR_MAP, new HashMap<String, EventEvaluator<?>>());
     }
@@ -242,6 +255,24 @@ public void invoke(Request request, Response response) throws IOException, Servl
 
             getNext().invoke(request, response);
 
+            if (response.getStatus() < 400) { // only filter out successful requests
+                if (filterStaticResources) {
+                    Object handlerObject = request.getAttribute(HandlerMapping.BEST_MATCHING_HANDLER_ATTRIBUTE);
+                    if (handlerObject instanceof ResourceHttpRequestHandler) {
+                        return; // skip logging static resources
+                    }
+                }
+
+                if (filterPaths != null) {
+                    String requestURI = request.getRequestURI();
+                    for (String filterPath : filterPaths) {
+                        if (requestURI.startsWith(filterPath)) {
+                            return; // skip logging paths that are filtered
+                        }
+                    }
+                }
+            }
+
             TomcatServerAdapter adapter = new TomcatServerAdapter(request, response);
             IAccessEvent accessEvent = new AccessEvent(this, request, response, adapter);
 

idporten-access-log-spring-boot-3-starter/src/main/resources/logback-access-req-full.xml

@@ -3,27 +3,6 @@
     <property resource="application.yaml" />
     <property resource="application.yml" />
     <appender name="accessJsonConsoleAppender" class="ch.qos.logback.core.ConsoleAppender">
-        <filter class="ch.qos.logback.core.filter.EvaluatorFilter">      
-            <evaluator>
-                <expression>
-                    String uri = event.getRequestURI();
-                    if((event.getStatusCode() == 200 || event.getStatusCode() == 304)
-                        &amp;&amp; ((uri.startsWith("/css"))
-                                || (uri.startsWith("/js")) 
-                                || (uri.startsWith("/webfonts"))
-                                || (uri.startsWith("/img"))
-                                || (uri.startsWith("/favicon")))){
-                                    return true;
-                                }
-                    else if(uri.startsWith("/apple")){
-                        return true;
-                    }
-                    return false;
-                </expression>
-            </evaluator>
-            <OnMismatch>NEUTRAL</OnMismatch>
-            <OnMatch>DENY</OnMatch>
-        </filter>
         <encoder class="net.logstash.logback.encoder.AccessEventCompositeJsonEncoder">
             <providers>
                 <timestamp />

idporten-access-log-spring-boot-3-starter/src/main/resources/logback-access-req-resp-full.xml

@@ -3,27 +3,6 @@
     <property resource="application.yaml" />
     <property resource="application.yml" />
     <appender name="accessJsonConsoleAppender" class="ch.qos.logback.core.ConsoleAppender">
-        <filter class="ch.qos.logback.core.filter.EvaluatorFilter">      
-            <evaluator>
-                <expression>
-                    String uri = event.getRequestURI();
-                    if((event.getStatusCode() == 200 || event.getStatusCode() == 304)
-                        &amp;&amp; ((uri.startsWith("/css"))
-                                || (uri.startsWith("/js")) 
-                                || (uri.startsWith("/webfonts"))
-                                || (uri.startsWith("/img"))
-                                || (uri.startsWith("/favicon")))){
-                                    return true;
-                                }
-                    else if(uri.startsWith("/apple")){
-                        return true;
-                    }
-                    return false;
-                </expression>
-            </evaluator>
-            <OnMismatch>NEUTRAL</OnMismatch>
-            <OnMatch>DENY</OnMatch>
-        </filter>
         <encoder class="net.logstash.logback.encoder.AccessEventCompositeJsonEncoder">
             <providers>
                 <timestamp />

idporten-access-log-spring-boot-3-starter/src/main/resources/logback-access.xml

@@ -3,27 +3,6 @@
     <property resource="application.yaml" />
     <property resource="application.yml" />
     <appender name="accessJsonConsoleAppender" class="ch.qos.logback.core.ConsoleAppender">
-        <filter class="ch.qos.logback.core.filter.EvaluatorFilter">      
-            <evaluator>
-                <expression>
-                    String uri = event.getRequestURI();
-                    if((event.getStatusCode() == 200 || event.getStatusCode() == 304)
-                        &amp;&amp; ((uri.startsWith("/css"))
-                                || (uri.startsWith("/js")) 
-                                || (uri.startsWith("/webfonts"))
-                                || (uri.startsWith("/img"))
-                                || (uri.startsWith("/favicon")))){
-                                    return true;
-                                }
-                    else if(uri.startsWith("/apple")){
-                        return true;
-                    }
-                    return false;
-                </expression>
-            </evaluator>
-            <OnMismatch>NEUTRAL</OnMismatch>
-            <OnMatch>DENY</OnMatch>
-        </filter>
         <encoder class="net.logstash.logback.encoder.AccessEventCompositeJsonEncoder">
             <providers>
                 <timestamp />

pom.xml

@@ -28,8 +28,8 @@
         <!-- maven plugins -->
         <maven-compiler-plugin.version>3.13.0</maven-compiler-plugin.version>
         <maven-resources-plugin.version>3.3.1</maven-resources-plugin.version>
+        <maven-source-plugin.version>3.3.1</maven-source-plugin.version>
         <maven-deploy-plugin.version>3.1.2</maven-deploy-plugin.version>
-        <maven-source-plugin.version>3.3.0</maven-source-plugin.version>
     </properties>
 
     <dependencyManagement>