From d3212c9b23edde88348a63923c0e4848cd4392df Mon Sep 17 00:00:00 2001 From: markt Date: Wed, 2 Jun 2010 15:12:36 +0000 Subject: [PATCH] Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49099 Hooking the CoyoteAdaptor into the existing AccessLog wasn't as invasive as I feared so go that route to log requests rejected by the Adaptor before the request/response reaches the AcessLogValve git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@950587 13f79535-47bb-0310-9956-ffa450edef68 --- java/org/apache/catalina/AccessLog.java | 47 ++++++++++++++ .../apache/catalina/connector/CoyoteAdapter.java | 72 ++++++++++++++++++++++ .../org/apache/catalina/valves/AccessLogValve.java | 36 ++++++----- webapps/docs/config/valve.xml | 9 +++ 4 files changed, 149 insertions(+), 15 deletions(-) create mode 100644 java/org/apache/catalina/AccessLog.java diff --git a/java/org/apache/catalina/AccessLog.java b/java/org/apache/catalina/AccessLog.java new file mode 100644 index 000000000..fc9061d6e --- /dev/null +++ b/java/org/apache/catalina/AccessLog.java @@ -0,0 +1,47 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.catalina; + +import org.apache.catalina.connector.Request; +import org.apache.catalina.connector.Response; + + +/** + * Intended for use by a {@link Valve} to indicate that the {@link Valve} + * provides access logging. It is used by the Tomcat internals (the + * {@link org.apache.catalina.connector.CoyoteAdapter} at the time of writing) + * to identify a Valve that logs access requests so requests that are rejected + * earlier in the processing chain can still be added to the access log. + * Implementations of this interface should be robust against the provided + * {@link Request} and {@link Response} objects being null, having null + * attributes or any other 'oddness' that may result from attempting to log + * a request that was almost certainly rejected because it was mal-formed. + */ +public interface AccessLog { + + /** + * Add the request/response to the access log using the specified processing + * time. + * + * @param request Request (associated with the response) to log + * @param response Response (associated with the request) to log + * @param time Time taken to process the request/response in + * milliseconds (use 0 if not known) + */ + public void log(Request request, Response response, long time); +} diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java b/java/org/apache/catalina/connector/CoyoteAdapter.java index 0e99df6b5..ad5fe884c 100644 --- a/java/org/apache/catalina/connector/CoyoteAdapter.java +++ b/java/org/apache/catalina/connector/CoyoteAdapter.java @@ -24,8 +24,13 @@ import java.util.EnumSet; import javax.servlet.SessionTrackingMode; +import org.apache.catalina.AccessLog; +import org.apache.catalina.Container; import org.apache.catalina.Context; +import org.apache.catalina.Engine; import org.apache.catalina.Globals; +import org.apache.catalina.Host; +import org.apache.catalina.Valve; import org.apache.catalina.Wrapper; import org.apache.tomcat.util.res.StringManager; import org.apache.catalina.comet.CometEvent; @@ -115,6 +120,11 @@ public class CoyoteAdapter implements Adapter { protected static URLEncoder urlEncoder; + /** + * Access log to use for rejected requests + */ + private volatile AccessLog accessLog = null; + // ----------------------------------------------------- Static Initializer @@ -512,12 +522,14 @@ public class CoyoteAdapter implements Adapter { } catch (IOException ioe) { res.setStatus(400); res.setMessage("Invalid URI: " + ioe.getMessage()); + getAccessLog().log(request, response, 0); return false; } // Normalization if (!normalize(req.decodedURI())) { res.setStatus(400); res.setMessage("Invalid URI"); + getAccessLog().log(request, response, 0); return false; } // Character decoding @@ -526,6 +538,7 @@ public class CoyoteAdapter implements Adapter { if (!checkNormalize(req.decodedURI())) { res.setStatus(400); res.setMessage("Invalid URI character encoding"); + getAccessLog().log(request, response, 0); return false; } @@ -585,6 +598,7 @@ public class CoyoteAdapter implements Adapter { res.setStatus(405); res.addHeader("Allow", header); res.setMessage("TRACE method is not allowed"); + getAccessLog().log(request, response, 0); return false; } @@ -623,6 +637,7 @@ public class CoyoteAdapter implements Adapter { redirectPath = redirectPath + "?" + query; } response.sendRedirect(redirectPath); + getAccessLog().log(request, response, 0); return false; } @@ -1075,4 +1090,61 @@ public class CoyoteAdapter implements Adapter { } + /** + * Obtain a reference to the access log to use to log rejected requests. + * + * @return + */ + protected AccessLog getAccessLog() { + if (accessLog != null) { + return accessLog; + } + + // First look in Engine for associated service + Engine engine = (Engine) connector.getService().getContainer(); + accessLog = findAccessLog(engine); + if (accessLog != null) { + return accessLog; + } + + // Then look in default host + Host defaultHost = (Host) engine.findChild(engine.getDefaultHost()); + accessLog = findAccessLog(defaultHost); + if (accessLog != null) { + return accessLog; + } + + // Then look in ROOT context of default host + Context defaultContext = (Context) defaultHost.findChild("/"); + accessLog = findAccessLog(defaultContext); + if (accessLog != null) { + return accessLog; + } + + accessLog = new NoopAccessLog(); + return accessLog; + } + + private AccessLog findAccessLog(Container container) { + if (container == null) { + return new NoopAccessLog(); + } + + Valve valves[] = container.getPipeline().getValves(); + for (Valve valve : valves) { + if (valve instanceof AccessLog) { + return (AccessLog) valve; + } + } + return null; + } + + private static final class NoopAccessLog implements AccessLog { + + @Override + public void log(Request request, Response response, long time) { + // NOOP + } + + } } diff --git a/java/org/apache/catalina/valves/AccessLogValve.java b/java/org/apache/catalina/valves/AccessLogValve.java index 33ee40858..e60f71044 100644 --- a/java/org/apache/catalina/valves/AccessLogValve.java +++ b/java/org/apache/catalina/valves/AccessLogValve.java @@ -36,6 +36,7 @@ import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpSession; +import org.apache.catalina.AccessLog; import org.apache.catalina.LifecycleException; import org.apache.catalina.LifecycleState; import org.apache.catalina.connector.Request; @@ -118,7 +119,7 @@ import org.apache.juli.logging.LogFactory; * @version $Id$ */ -public class AccessLogValve extends ValveBase { +public class AccessLogValve extends ValveBase implements AccessLog { private static final Log log = LogFactory.getLog(AccessLogValve.class); @@ -563,25 +564,30 @@ public class AccessLogValve extends ValveBase { long t2 = System.currentTimeMillis(); long time = t2 - t1; - - if (logElements == null || condition != null - && null != request.getRequest().getAttribute(condition)) { - return; - } - - Date date = getDate(); - StringBuilder result = new StringBuilder(128); - - for (int i = 0; i < logElements.length; i++) { - logElements[i].addElement(result, date, request, response, time); - } - - log(result.toString()); + + log(request,response, time); } else getNext().invoke(request, response); } + public void log(Request request, Response response, long time) { + if (logElements == null || condition != null + && null != request.getRequest().getAttribute(condition)) { + return; + } + + Date date = getDate(); + StringBuilder result = new StringBuilder(128); + + for (int i = 0; i < logElements.length; i++) { + logElements[i].addElement(result, date, request, response, time); + } + + log(result.toString()); + } + + /** * Rename the existing log file to something else. Then open the * old log file name up once again. Intended to be called by a JMX diff --git a/webapps/docs/config/valve.xml b/webapps/docs/config/valve.xml index 8e82f75ad..201489637 100644 --- a/webapps/docs/config/valve.xml +++ b/webapps/docs/config/valve.xml @@ -66,6 +66,15 @@ Host, or Engine), and will record ALL requests processed by that container.

+

Some requests (e.g. those with mal-formed URLs) may be rejected by Tomcat + before they are passed to a container. In these cases Tomcat will look in + the Engine, then the default Host for the + Engine and finally the ROOT (or default) Context + for the default Host for an AccessLogValve or + other AccessLog implementation. Tomcat will use the first + AccessLog implementation found to log those requests that are + rejected before they are passed to a container.

+ -- 2.11.0