
I have a configuration in server.xml that logs some access data (remoteHost, userName, virtualHost, method (POST/GET), query, referer) into a SQL Server database (with JDBCAccessLogValve). It works all right, but I need to log the content of HTTP POST requests and I don't know how to do it.

Is there any JDBCAccessLogValve configuration that can do this?

I read something about filters too but I really don't know how to implement them. Any help or advice is welcome.

1 Answer


Well I finally ended up making a filter and it's working.

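/**
 * Writes one access-log row for the incoming request and then forwards the request down the
 * chain, unless one of its parameter values contains a single quote.
 *
 * <p>A failure while collecting or saving the log data never blocks the request: it is reported
 * and the request is still forwarded.
 *
 * <p>NOTE(review): parameter values are stored verbatim, so passwords, session tokens and other
 * secrets submitted in forms end up in the access-log table. Redact sensitive fields before
 * saving and restrict who can read that table.
 *
 * <p>NOTE(review): the single-quote check is a coarse heuristic. It rejects legitimate input
 * (for example a surname such as O'Brien) and is not a substitute for parameterized queries in
 * the code that handles the request.
 *
 * @param request  the incoming request; must be an {@code HttpServletRequest}
 * @param response the outgoing response
 * @param chain    the remaining filter chain
 * @throws IOException      if forwarding the request fails
 * @throws ServletException if forwarding the request fails
 */
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest httpRequest = (HttpServletRequest) request;

    boolean dangerRequest = false;

    try {
        // TODO: 0. Verify if access_log is enable to this VM
        // TODO: 1. Validate content length

        Date timestamp = new Date();
        String virtualHost = httpRequest.getServerName();
        String method = httpRequest.getMethod();
        // Both headers are optional; getHeader() returns null when the client did not send them.
        String referer = httpRequest.getHeader("referer");
        String userAgent = httpRequest.getHeader("user-agent");

        StringBuilder url = new StringBuilder();
        StringBuffer urlBuffer = httpRequest.getRequestURL();
        if (urlBuffer != null) {
            url.append(urlBuffer);
        }

        String queryString = httpRequest.getQueryString();
        if (!TextTools.isNullOrEmpty(queryString)) {
            url.append("?");
            url.append(queryString);
        }

        // NOTE(review): behind a reverse proxy or load balancer this is presumably the proxy's
        // address, not the client's - confirm against the deployment.
        String remoteHost = request.getRemoteAddr();

        // Only the header names are collected here, not their values.
        StringBuilder headers = new StringBuilder();
        Enumeration<String> allHeaders = httpRequest.getHeaderNames();
        // If the servlet container does not allow servlets to use this method >> NULL
        if (allHeaders != null) {
            while (allHeaders.hasMoreElements()) {
                if (headers.length() > 0) {
                    headers.append("; ");
                }
                headers.append(allHeaders.nextElement());
            }
        }

        // Reading parameters makes the container parse a form-encoded POST body, so code further
        // down the chain that reads the raw input stream will find it already consumed. Bodies
        // that are not form-encoded (JSON, XML, ...) are not captured by this loop at all.
        StringBuilder params = new StringBuilder();
        Enumeration<String> paramasEnum = request.getParameterNames();
        while (paramasEnum.hasMoreElements()) {
            String name = paramasEnum.nextElement();
            params.append(name);
            params.append("=");
            String value = request.getParameter(name);

            if (value != null && value.contains("'")) {
                dangerRequest = true;
            }

            params.append(value);
            if (paramasEnum.hasMoreElements()) {
                params.append("\r\n");
            }
        }

        Integer contentLength = request.getContentLength();

        Connection conn = null;

        try {
            conn = Server.get().getConn(true);

            // The length limits below are presumably the column widths of the access-log table.
            // Truncation silently cuts the evidence short: 15 characters cannot hold an IPv6
            // address, and 255 characters of parameters is little for a POST form.
            accessLog accessLog = new accessLog();
            accessLog.setTimestamp(timestamp);
            accessLog.setVirtualHost(truncateForColumn(virtualHost, 64));
            accessLog.setMethod(truncateForColumn(method, 8));
            accessLog.setReferer(truncateForColumn(referer, 128));
            accessLog.setUserAgent(truncateForColumn(userAgent, 128));
            accessLog.setUrl(truncateForColumn(url.toString(), 255));
            accessLog.setRemoteHost(truncateForColumn(remoteHost, 15));
            accessLog.setHeaders(truncateForColumn(headers.toString(), 255));
            accessLog.setParams(truncateForColumn(params.toString(), 255));
            accessLog.setContentLength(contentLength);

            accessLogDao dao = new accessLogDao(conn, null);
            dao.saveRow(accessLog);
            conn.commit();

        } catch (Exception e) {
            Server.get().getLogger().error(e);
            // getConn() itself may have failed, in which case there is nothing to roll back.
            if (conn != null) {
                conn.rollback();
            }
        } finally {
            if (conn != null) {
                conn.close();
            }
        }
    } catch (Throwable e) {
        // Logging is best effort: a failure here must not prevent the request from being served.
        e.printStackTrace();
    }

    // TODO: 2. Validate patterns
    // NOTE(review): a rejected request is simply not forwarded; no error status is written to the
    // response, so the client receives whatever the container sends for an untouched response.
    if (!dangerRequest) {
        super.doFilter(request, response, chain);
    }
}

/**
 * Limits a value to the given length so that it fits its log column.
 *
 * @param value     the value to store; may be {@code null} (for example an absent header)
 * @param maxLength the maximum number of characters to keep
 * @return the value cut to {@code maxLength} characters, or an empty string when it is null
 */
private static String truncateForColumn(String value, int maxLength) {
    if (value == null) {
        return "";
    }
    return value.length() > maxLength ? value.substring(0, maxLength) : value;
}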