JDBCAccessLogValue - 将 HTTP POST 内容记录到 SQL 服务器
JDBCAccessLogValue - Log HTTP POST content into SQL Server
我在 server.xml 中有一个配置,它正在将一些访问数据(remoteHost、userName、virtualHost、方法 (post/get)、查询、referer 记录到 SQL 服务器中数据库(使用 JDBCAccessLogValve)。一切正常,但我需要记录 HTTP POST 的内容,但我不知道该怎么做。
有没有关于JDBCAccessLogValve的配置谁能做这个?
我也读了一些关于过滤器的东西,但我真的不知道如何实现它们。
欢迎任何帮助或建议。
好吧,我终于制作了一个过滤器,而且效果很好。
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
boolean dangerRequest = false;
try {
// TODO: 0. Verify if access_log is enable to this VM
// TODO: 1. Validate content length
if (request.getContentLength() > -1) {
int i = 0;
i++;
}
Date timestamp = new Date();
String virtualHost = httpRequest.getServerName();
String method = httpRequest.getMethod();
String referer = httpRequest.getHeader("referer");
String userAgent = httpRequest.getHeader("user-agent");
StringBuilder url = new StringBuilder();
StringBuffer urlBuffer = httpRequest.getRequestURL();
if (urlBuffer != null) {
url.append(urlBuffer.toString());
}
String queryString = httpRequest.getQueryString();
if (!TextTools.isNullOrEmpty(queryString)) {
url.append("?");
url.append(queryString);
}
String remoteHost = request.getRemoteAddr();
StringBuilder headers = new StringBuilder();
Enumeration<String> allHeaders = httpRequest.getHeaderNames();
// If the servlet container does not allow servlets to use this method >> NULL
if (allHeaders != null) {
while (allHeaders.hasMoreElements()) {
if (headers.length() > 0) {
headers.append("; ");
}
headers.append(allHeaders.nextElement());
}
}
StringBuilder params = new StringBuilder();
Enumeration<String> paramasEnum = request.getParameterNames();
while (paramasEnum.hasMoreElements()) {
String name = paramasEnum.nextElement();
params.append(name);
params.append("=");
String value = request.getParameter(name);
if (value.contains("'")) {
dangerRequest = true;
}
params.append(value);
if (paramasEnum.hasMoreElements()) {
params.append("\r\n");
}
}
Integer contentLength = request.getContentLength();
Connection conn = null;
try {
conn = Server.get().getConn(true);
accessLog accessLog = new accessLog();
accessLog.setTimestamp(timestamp);
if (virtualHost.length() > 64) {
accessLog.setVirtualHost(virtualHost.substring(0, 64));
} else {
accessLog.setVirtualHost(virtualHost);
}
if (method.length() > 8) {
accessLog.setMethod(method.substring(0, 8));
} else {
accessLog.setMethod(method);
}
if (referer.length() > 128) {
accessLog.setReferer(referer.substring(0, 128));
} else {
accessLog.setReferer(referer);
}
if (userAgent.length() > 128) {
accessLog.setUserAgent(userAgent.substring(0, 128));
} else {
accessLog.setUserAgent(userAgent);
}
if (url.toString().length() > 255) {
accessLog.setUrl(url.toString().substring(0, 255));
} else {
accessLog.setUrl(url.toString());
}
if (remoteHost.length() > 15) {
accessLog.setRemoteHost(remoteHost.substring(0, 15));
} else {
accessLog.setRemoteHost(remoteHost);
}
if (headers.toString().length() > 255) {
accessLog.setHeaders(headers.toString().substring(0, 255));
} else {
accessLog.setHeaders(headers.toString());
}
if (params.toString().length() > 255) {
accessLog.setParams(params.toString().substring(0, 255));
} else {
accessLog.setParams(params.toString());
}
accessLog.setContentLength(contentLength);
accessLogDao dao = new accessLogDao(conn, null);
dao.saveRow(accessLog);
conn.commit();
} catch (Exception e) {
Server.get().getLogger().error(e);
conn.rollback();
} finally {
if (conn != null) {
conn.close();
}
}
} catch (Throwable e) {
e.printStackTrace();
}
// TODO: 2. Validate patterns
if (!dangerRequest) {
super.doFilter(request, response, chain);
}
}
我在 server.xml 中有一个配置,它正在将一些访问数据(remoteHost、userName、virtualHost、方法 (post/get)、查询、referer 记录到 SQL 服务器中数据库(使用 JDBCAccessLogValve)。一切正常,但我需要记录 HTTP POST 的内容,但我不知道该怎么做。
有没有关于JDBCAccessLogValve的配置谁能做这个?
我也读了一些关于过滤器的东西,但我真的不知道如何实现它们。 欢迎任何帮助或建议。
好吧,我终于制作了一个过滤器,而且效果很好。
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
boolean dangerRequest = false;
try {
// TODO: 0. Verify if access_log is enable to this VM
// TODO: 1. Validate content length
if (request.getContentLength() > -1) {
int i = 0;
i++;
}
Date timestamp = new Date();
String virtualHost = httpRequest.getServerName();
String method = httpRequest.getMethod();
String referer = httpRequest.getHeader("referer");
String userAgent = httpRequest.getHeader("user-agent");
StringBuilder url = new StringBuilder();
StringBuffer urlBuffer = httpRequest.getRequestURL();
if (urlBuffer != null) {
url.append(urlBuffer.toString());
}
String queryString = httpRequest.getQueryString();
if (!TextTools.isNullOrEmpty(queryString)) {
url.append("?");
url.append(queryString);
}
String remoteHost = request.getRemoteAddr();
StringBuilder headers = new StringBuilder();
Enumeration<String> allHeaders = httpRequest.getHeaderNames();
// If the servlet container does not allow servlets to use this method >> NULL
if (allHeaders != null) {
while (allHeaders.hasMoreElements()) {
if (headers.length() > 0) {
headers.append("; ");
}
headers.append(allHeaders.nextElement());
}
}
StringBuilder params = new StringBuilder();
Enumeration<String> paramasEnum = request.getParameterNames();
while (paramasEnum.hasMoreElements()) {
String name = paramasEnum.nextElement();
params.append(name);
params.append("=");
String value = request.getParameter(name);
if (value.contains("'")) {
dangerRequest = true;
}
params.append(value);
if (paramasEnum.hasMoreElements()) {
params.append("\r\n");
}
}
Integer contentLength = request.getContentLength();
Connection conn = null;
try {
conn = Server.get().getConn(true);
accessLog accessLog = new accessLog();
accessLog.setTimestamp(timestamp);
if (virtualHost.length() > 64) {
accessLog.setVirtualHost(virtualHost.substring(0, 64));
} else {
accessLog.setVirtualHost(virtualHost);
}
if (method.length() > 8) {
accessLog.setMethod(method.substring(0, 8));
} else {
accessLog.setMethod(method);
}
if (referer.length() > 128) {
accessLog.setReferer(referer.substring(0, 128));
} else {
accessLog.setReferer(referer);
}
if (userAgent.length() > 128) {
accessLog.setUserAgent(userAgent.substring(0, 128));
} else {
accessLog.setUserAgent(userAgent);
}
if (url.toString().length() > 255) {
accessLog.setUrl(url.toString().substring(0, 255));
} else {
accessLog.setUrl(url.toString());
}
if (remoteHost.length() > 15) {
accessLog.setRemoteHost(remoteHost.substring(0, 15));
} else {
accessLog.setRemoteHost(remoteHost);
}
if (headers.toString().length() > 255) {
accessLog.setHeaders(headers.toString().substring(0, 255));
} else {
accessLog.setHeaders(headers.toString());
}
if (params.toString().length() > 255) {
accessLog.setParams(params.toString().substring(0, 255));
} else {
accessLog.setParams(params.toString());
}
accessLog.setContentLength(contentLength);
accessLogDao dao = new accessLogDao(conn, null);
dao.saveRow(accessLog);
conn.commit();
} catch (Exception e) {
Server.get().getLogger().error(e);
conn.rollback();
} finally {
if (conn != null) {
conn.close();
}
}
} catch (Throwable e) {
e.printStackTrace();
}
// TODO: 2. Validate patterns
if (!dangerRequest) {
super.doFilter(request, response, chain);
}
}