Package org.logevents.optional.servlets
Class LogEventsServlet
- java.lang.Object
-
- javax.servlet.GenericServlet
-
- javax.servlet.http.HttpServlet
-
- org.logevents.optional.servlets.LogEventsServlet
-
- All Implemented Interfaces:
Serializable
,javax.servlet.Servlet
,javax.servlet.ServletConfig
public class LogEventsServlet extends javax.servlet.http.HttpServlet
A servlet that exposes log information to administrative users via a built in web page. To use, you need to:-
Run your application in a servlet container: Add LogEventsServlet as a servlet in
web.xml
, add in a ServletContextListener or in Spring, add aServletRegistrationBean
-
You need an Identity Provider that supports OpenID Connect to authorize administrative users.
If you don't have any existing options, I suggest creating a (free!) Azure Active Directory
and adding users that should have access as guest users. See
OpenIdConfiguration
to learn how to set this up. -
In order to run LogEventsServlet needs security configuration in your logevents*.properties.
You need to set
observer.servlet.openIdIssuer
,observer.servlet.clientId
andobserver.servlet.clientSecret
. SeeWebLogEventObserver
- If you mount LogEventsServlet on "/logs", the API will be at "/logs/events", the OpenAPI documentation will be at "/logs/openapi.json" and a simple client web page will be at "/logs/"".
Example configuration:
observer.servlet=WebLogEventObserver observer.servlet.openIdIssuer=https://login.microsoftonline.com/common observer.servlet.clientId=12345678-abcd-pqrs-9876-9abcdef01234 observer.servlet.clientSecret=3¤..¤!?qwer observer.servlet.redirectUri=https://my-server.example.com/logs/oauth2callback observer.servlet.requiredClaim.username=johannes@brodwall.com,someone@brodwall.com observer.servlet.requiredClaim.roles=admin
Register LogEventsServlet in your servlet container
Example web.xml-file
<servlet> <servlet-name>LogEvents</servlet-name> <servlet-class>org.logevents.extend.servlets.LogEventsServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>LogEvents</servlet-name> <url-pattern>/*</url-pattern> </servlet-mapping>
Example ServletContextListener
public class ApplicationContext implements ServletContextListener { public void contextInitialized(ServletContextEvent sce) { sce.getServletContext().addServlet("logs", new LogEventsServlet()).addMapping("/logs/*"); } public void contextDestroyed(ServletContextEvent sce) { } }
Example Spring ServletRegistrationBean
@Bean public ServletRegistrationBean servletRegistrationBean(){ return new ServletRegistrationBean(new LogEventsServlet(), "/logs/*"); }
-
-
Constructor Summary
Constructors Constructor Description LogEventsServlet()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected boolean
authenticated(javax.servlet.http.HttpServletResponse resp, javax.servlet.http.Cookie[] cookies)
protected void
copyResource(javax.servlet.http.HttpServletResponse resp, String resource)
protected javax.servlet.http.Cookie
createSessionCookie(Map<String,Object> idToken)
protected String
decrypt(String value)
protected void
doGet(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
protected void
establishSession(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
protected Optional<String>
findCookie(javax.servlet.http.Cookie[] reqCookies, String name)
protected CryptoVault
getCookieVault()
protected String
getLogEventsHtml()
protected LogEventSource
getLogEventSource()
WebLogEventObserver
getObserver()
protected OpenIdConfiguration
getOpenIdConfiguration()
protected String
getServerUrl(javax.servlet.http.HttpServletRequest req)
-
Methods inherited from class javax.servlet.http.HttpServlet
doDelete, doHead, doOptions, doPost, doPut, doTrace, getLastModified, service, service
-
-
-
-
Method Detail
-
doGet
protected void doGet(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws IOException
- Overrides:
doGet
in classjavax.servlet.http.HttpServlet
- Throws:
IOException
-
getLogEventsHtml
protected String getLogEventsHtml()
-
establishSession
protected void establishSession(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws IOException
- Throws:
IOException
-
getLogEventSource
protected LogEventSource getLogEventSource()
-
getOpenIdConfiguration
protected OpenIdConfiguration getOpenIdConfiguration()
-
findCookie
protected Optional<String> findCookie(javax.servlet.http.Cookie[] reqCookies, String name)
-
createSessionCookie
protected javax.servlet.http.Cookie createSessionCookie(Map<String,Object> idToken)
-
decrypt
protected String decrypt(String value) throws GeneralSecurityException
- Throws:
GeneralSecurityException
-
getCookieVault
protected CryptoVault getCookieVault()
-
authenticated
protected boolean authenticated(javax.servlet.http.HttpServletResponse resp, javax.servlet.http.Cookie[] cookies)
-
copyResource
protected void copyResource(javax.servlet.http.HttpServletResponse resp, String resource) throws IOException
- Throws:
IOException
-
getServerUrl
protected String getServerUrl(javax.servlet.http.HttpServletRequest req)
-
getObserver
public WebLogEventObserver getObserver()
-
-