Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

accesslog - porting accesslogs capabilities from DT's gateway #113

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

accesslog - porting accesslogs capabilities from DT's gateway #113

wants to merge 3 commits into from

Conversation

pmauduit
Copy link
Member

@pmauduit pmauduit commented Mar 26, 2024
edited
Loading

Somehow relates to #112

This work has been done on the DT fork but not ported here yet.

TODO:

  • Adding documentation ; DT is making use of JSON format, I think we can have something as JSON or closer to what is expected in Produce logs for the analytics module #112 with only changes in the logging configuration, making everyone happy. Note that the -Dreactor.netty.http.server.accessLogEnabled=true should also be documented
  • One test related to rabbitmq event emission is failing, because it expects an output from the console testcontainer, which somehow does not work with the modified logging configuration. There might be something more relevant than parsing the container output as test result, but not sure of what could be a better approach yet.

@pmauduit
Copy link
Member Author

  • One test related to rabbitmq event emission is failing

maybe the test should go into the console testsuite instead of here ?

@f-necas f-necas force-pushed the main branch 2 times, most recently from 74698bf to 4660e3a Compare July 11, 2024 09:45
@jeanpommier jeanpommier mentioned this pull request Jan 2, 2025
Open
@pmauduit pmauduit requested a review from f-necas January 17, 2025 10:17
pmauduit and others added 3 commits January 17, 2025 11:21
@pmauduit
Add AccessLog and X-Request-Id filters to provide additional informat…
f019b6d 
…ion on the MDC

The `AccessLogFilter` logs at the `org.georchestra.gateway.accesslog`
logging topic, appending additional information to the MDC useful for
analysis on collected logs:

- route-id
- route-uri
- remoteAddress
- auth-user
- auth-roles
- X-Request-ID

The `RequestIdGlobalFilter` propagates incoming `X-Request-ID` request headers
to the downstream services, and returns the same value to the caller.
@groldan @pmauduit
AccessLog: log the effective role names as auth-roles
ba2c7a6 
The effective authentication role names may differ from the authority
names given by the authentication provider due to role mappings.

Use the effective set of role names as the MDC's auth-roles entry,
and add the auth provider role names as principal-roles for the sake of
debugging.
@groldan @pmauduit
AccessLogFilter: clear MDC after logging
2c442ff
@pmauduit
Copy link
Member Author

pmauduit commented Jan 17, 2025
edited
Loading

force-pushed after having rebased

@pmauduit pmauduit requested a review from groldan January 17, 2025 10:42
@pmauduit pmauduit marked this pull request as ready for review January 17, 2025 10:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@f-necas f-necas Awaiting requested review from f-necas

@groldan groldan Awaiting requested review from groldan

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pmauduit @groldan