Replace EJBAccessException stacktrace logged by JBoss
I have a REST endpoint in my application that is protected by EJB security.
@Path("/somepath")
@Produces(MediaType.APPLICATION_JSON)
@Stateless
@SecurityDomain("mydomain")
@RolesAllowed({"user"})
public class MyResource extends AbstractResource
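If the user's session has timed out, the web app doesn't know about it, and if I try to interact with it, it receives 403 FORBIDDEN, which is totally fine. But in the server log this error looks like this: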
14:47:52,682 ERROR [org.jboss.ejb3.invocation] (http--127.0.0.1-8080-5) JBAS014134: EJB Invocation failed on component MyResource for method public java.lang.String MyResource.getSupplies(): javax.ejb.EJBAccessException: JBAS014502: Invocation on method: public java.lang.String MyResource.getSupplies() of bean: MyResource is not allowed
at org.jboss.as.ejb3.security.AuthorizationInterceptor.processInvocation(AuthorizationInterceptor.java:101) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:76) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:32) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ee.component.ViewDescription.processInvocation(ViewDescription.java:173) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:72) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_55]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_55]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_55]
at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_55]
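These messages are long and useless. I would like to replace them in the log with something like "WARN: Unauthorized access", maybe with some additional data, but without the stack trace. I can't figure out how to do it, since this message is logged by JBoss.
I would appreciate any advice on how to achieve this!
My research showed that one possible solution is to use Container Interceptors, which existed in earlier versions of JBoss AS and reappeared in JBoss AS 7.2. But there is no such thing in 7.1.1, which coincidentally is my JBoss version. Until my boss decides that we should move to WildFly, I'll open a bounty in case someone has an alternative solution (and no, I won't compile my own JBoss AS with a patch).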
You should register an ExceptionMapper with RestEasy and do what you want in that handler.
ExceptionMappers are custom, application provided, components that can catch thrown application exceptions and write specific HTTP responses.
You register them in web.xml:
<context-param>
<param-name>resteasy.providers</param-name>
<param-value>fully.qualified.package.to.your.CustomEJBAccessExceptionMapper</param-value>
</context-param>
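A sketch of the mapper that answer registers, added here as an example and not code from the original post. It writes a single WARN line with the caller and path, strips line breaks from those values so a request cannot forge log entries, and returns a generic 403 body that does not echo the exception message. The package name, log format and JSON body are assumptions, and it assumes the EJBAccessException reaches RESTEasy as the answer describes; the ERROR entry in the question is written under the org.jboss.ejb3.invocation logger category, which this class does not touch.

```java
package com.example.rest; // hypothetical package; use the same name in resteasy.providers

import java.security.Principal;
import java.util.logging.Logger;

import javax.ejb.EJBAccessException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriInfo;
import javax.ws.rs.ext.ExceptionMapper;
import javax.ws.rs.ext.Provider;

@Provider
public class CustomEJBAccessExceptionMapper implements ExceptionMapper<EJBAccessException> {

    private static final Logger LOG =
            Logger.getLogger(CustomEJBAccessExceptionMapper.class.getName());

    // Request-scoped proxies injected by the JAX-RS runtime.
    @Context
    private UriInfo uriInfo;

    @Context
    private SecurityContext securityContext;

    @Override
    public Response toResponse(EJBAccessException e) {
        Principal principal = securityContext.getUserPrincipal();
        String user = (principal == null) ? "anonymous" : principal.getName();

        // One line, no stack trace. The exception message is not logged or returned:
        // it only repeats the bean and method signature.
        LOG.warning("Unauthorized access: user=" + clean(user)
                + " path=" + clean(uriInfo.getPath()));

        return Response.status(Response.Status.FORBIDDEN)
                .type(MediaType.APPLICATION_JSON)
                .entity("{\"error\":\"forbidden\"}") // assumed body; keep it generic
                .build();
    }

    // uriInfo.getPath() is URL-decoded, so %0a arrives as a real newline.
    // Replace control characters to keep each event on one log line.
    private static String clean(String value) {
        return value == null ? "" : value.replaceAll("[\\r\\n\\t]", "_");
    }
}
```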
I want to replace them in log with something like "WARN: Unauthorized access" plus maybe some additional data
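JBoss supports custom loggers. I'm not sure whether you can configure its logging to take effect on a per-class basis, but if that is possible, adjusting your logging (rather than interceptors etc.) is the natural way.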