Roll Logs Into Specific Directory Log4j2 - log4j2

Goal: Have Log4j2:
Create the root "logs" directory if it doesn't exist.
Create an "archive" directory if it doesn't exist so RollingFile appender can save the rolled logs.
Expected Result:
..\logs\MyLog.log
..\logs\archive\MyLog_2022-03-03_1.log
..\logs\archive\MyLog_2022-03-03_2.log
..\logs\archive\MyLog_2022-03-03_3.log
.
.
..\logs\archive\MyLog_2022-03-03_20.log
I'm expecting the creation of "logs" & "archive" directories in case they aren't there on start-up/1st roll.
Actual Results:
Regarding the "logs" directory:
if the "logs" directory doesn't exist prior to start-up then system continues running without logging anything or creating the directory.
if the "logs" directory exists prior to start-up then it saves the main log file to it.
Regarding the "archive" directory for rolling logs:
if the "archive" directory doesn't exist prior to start-up then it is created, the system crashes and an exception is thrown.
if the "logs" directory exists prior to start-up then the system crashes and an exception is thrown.
What I have tried:
Replacing the properties with their actual hard-coded values.
Replacing the path with "./" at the beginning.
Replacing the path with "../" at the beginning.
Replacing the beginning of the path with various possible Lookups from Log4j2's documentation.
Hard-coding the full-path, which worked but is not an option to use as it will change according to the customer's installation location.
Configuration:
<Properties>
<Property name="log.dir">logs</Property>
<Property name="log.file">MyLog</Property>
<Property name="pattern">%d %-5p [%t] %c{2}:%L - %m%n</Property>
</Properties>
<RollingFile name="MainLog" fileName="${log.dir}/${log.file}.log" filePattern="${log.dir}/archive/${log.file}_%d{MM-dd-yyyy}_%i.log.gz">
<PatternLayout pattern="${pattern}" />
<Policies>
<SizeBasedTriggeringPolicy size="20 MB" />
</Policies>
<DefaultRolloverStrategy max="20" />
</RollingFile>
Research:
I've tried various Google searches and looked into many Stackoverflow questions, I will not be listing them here as they do not include any actual relevant data. Weirdly enough, I wasn't able to find any similar question.
What am I missing?

Related

For keycloak-19.0.3-legacy docker image, how can I enable redirect_uri legacy functionality?

I need to set the flags to enable the default redirect_uri behavior for keycloak 19.0.3-legacy.
However, nothing I've tried so far has worked.
We're using the standalone-ha.xml configuration file. (not sure if this is the could be the right place to configure this.)
I need to set the following flags:
spi-login-protocol-openid-connect-suppress-logout-confirmation-screen=true
spi-login-protocol-openid-connect-legacy-logout-redirect-uri=true
https://www.keycloak.org/docs/19.0.3/upgrading/#openid-connect-logout-prompt
https://www.keycloak.org/docs/latest/upgrading/#openid-connect-logout
However, I run a standalone instance and don't run using kc.sh.
I've tried setting environment variables without success:
KC_SPI_LOGIN_PROTOCOL_OPENID_CONNECT_LEGACY_LOGOUT_REDIRECT_URI=true
KC_SPI_LOGIN_PROTOCOL_OPENID_CONNECT_SUPPRESS_LOGOUT_CONFIRMATION_SCREEN=true
and
KEYCLOAK_SPI_LOGIN_PROTOCOL_OPENID_CONNECT_LEGACY_LOGOUT_REDIRECT_URI=true
KEYCLOAK_SPI_LOGIN_PROTOCOL_OPENID_CONNECT_SUPPRESS_LOGOUT_CONFIRMATION_SCREEN=true
and
SPI_LOGIN_PROTOCOL_OPENID_CONNECT_LEGACY_LOGOUT_REDIRECT_URI=true
SPI_LOGIN_PROTOCOL_OPENID_CONNECT_SUPPRESS_LOGOUT_CONFIRMATION_SCREEN=true
and
LEGACY_LOGOUT_REDIRECT_URI=true
SUPPRESS_LOGOUT_CONFIRMATION_SCREEN=true
I've also tried to adding to a config file, but it doesn't seem to have been picked up from where it was put in the Dockerfile.
Dockerfile:
COPY conf.d/keycloak.conf /opt/jboss/keycloak/conf/keycloak.conf
and
COPY conf.d/keycloak.conf /opt/keycloak/conf/keycloak.conf
keycloak.conf
spi-login-protocol-openid-connect-suppress-logout-confirmation-screen=true
spi-login-protocol-openid-connect-legacy-logout-redirect-uri=true
and
suppress-logout-confirmation-screen=true
legacy-logout-redirect-uri=true
I also tried adding it to thedocker-entrypoint.sh parameters:
exec /opt/jboss/tools/docker-entrypoint.sh $# -Dspi-login-protocol-openid-connect-suppress-logout-confirmation-screen=true -Dspi-login-protocol-openid-connect-legacy-logout-redirect-uri=true
and
--This one won't even start up. It fails stating that the parameters are invalid.
exec /opt/jboss/tools/docker-entrypoint.sh $# --spi-login-protocol-openid-connect-suppress-logout-confirmation-screen=true --spi-login-protocol-openid-connect-legacy-logout-redirect-uri=true
Update 1/24/23
Tried updating standalone-ha.xml, but it seems to have been ignored:
<subsystem xmlns="urn:jboss:domain:keycloak-server:1.1">
<web-context>auth</web-context>
<providers>
<provider>
classpath:${jboss.home.dir}/providers/*
</provider>
<provider>
module:org.keycloak.storage.ldap.LDAPSyncOnly
</provider>
</providers>
<master-realm-name>master</master-realm-name>
<scheduled-task-interval>900</scheduled-task-interval>
<theme>
<staticMaxAge>2592000</staticMaxAge>
<cacheThemes>false</cacheThemes>
<cacheTemplates>false</cacheTemplates>
<welcomeTheme>${env.KEYCLOAK_WELCOME_THEME:keycloak}</welcomeTheme>
<default>${env.KEYCLOAK_DEFAULT_THEME:keycloak}</default>
<dir>${jboss.home.dir}/themes</dir>
</theme>
... Bunch of other spi tags. ...
<spi name="login-protocol">
<provider name="openid-connect" enabled="true">
<properties>
<property name="suppress-logout-confirmation-screen" value="true"/>
<property name="legacy-logout-redirect-uri" value="true"/>
</properties>
</provider>
</spi>
</subsystem>
Useful links:
https://github.com/keycloak/keycloak/blob/10b7475b0431ed380d45b840578bc666ecb3263a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolFactory.java#L106-L121
Shows the warning message that will print to the logs if this is set correctly.
https://www.keycloak.org/server/configuration#_example_configuring_the_db_url_host_parameter
Shows alternate ways to configure keycloak.
https://github.com/keycloak/keycloak-containers/tree/19.0.3
https://quay.io/repository/keycloak/keycloak?tab=tags
We figured it out.
By adding the following CLI commands we can properly update the high availability config file to enable the legacy flag.
embed-server --server-config=standalone-ha.xml --std-out=echo
/subsystem=keycloak-server/spi=login-protocol:add
/subsystem=keycloak-server/spi=login-protocol/provider=openid-connect:add(enabled=true)
/subsystem=keycloak-server/spi=login-protocol/provider=openid-connect:write-attribute(name=properties.legacy-logout-redirect-uri,value=true)
/subsystem=keycloak-server/spi=login-protocol/provider=openid-connect:write-attribute(name=properties.suppress-logout-confirmation-screen,value=true)
stop-embedded-server
I don't know why this worked but manually editing the standalone-ha.xml config didn't.

Log4j2 logging level becomes different in Java 8 and Java 11

Log4j2 release 2.11.0 / 2.11.1 worked fine in Java 8 applications but not in Java 11
Here is an example of log4j2.xml:
<?xml version="1.0" encoding="UTF-8"?>
<Configuration>
<Properties>
<Property name="log-path">C:\\MyTestXXXX\\EnterpriseLogs</Property>
</Properties>
<Appenders>
<RollingFile name="MyTestOnly" fileName="${log-path}\ServerLog.log" filePattern="${log-path}\ServerLog_%d{yyyy-MM-dd}_%i.log" append="true">
<PatternLayout>
<Pattern>[#%d{HH:mm:ss}|%p|%m#]%n</Pattern>
</PatternLayout>
<Policies>
<CronTriggeringPolicy schedule="0 0 0 * * ?" evaluateOnStartup="true"/>
<SizeBasedTriggeringPolicy size="10 MB"/>
</Policies>
<DefaultRolloverStrategy/>
</RollingFile>
</Appenders>
<Loggers>
<Logger name="OnlyLOG" additivity="true">
<AppenderRef ref="MyTestOnly" level="ALL" />
<Logger>
<Root level="ALL" />
</Loggers>
</Configuration>
In the Java source code, I did this:
import org.apache.logging.log4j.*;
import org.apache.logging.log4j.core.Logger;
...
// Get org.apache.logging.log4j.core.Logger
Logger logger = (Logger) LogManager.getLogger("OnlyLOG");
logger.log(Level.forName("INFO", 600), "Log this text now!", new Exception("xxxxxx"));
Running in Java 8, I can see that serverLog.log has the content, which is good.
Running in Java 11, there is no log.
Through further study (debugging), I found this line interesting:
Logger logger = (Logger) LogManager.getLogger("OnlyLOG");
After execution, in Java 8, logger was something like "ALL in 2f333739", and log was fine.
But in Java 11, logger was something like "ERROR in 2f333739" and there was no log. Obviously the level became "ERROR" instead of "ALL".
So, I tries this in Java 11:
Level loggerLevel = logger.getLevel(); // Obviously it is ERROR level
logger.log(loggerLevel, "Log this text now!", new Exception("xxxxxx"));
The log happened in console (likely went through Root), not in the ServerLog.log that was configured in log4j2.xml for logger OnlyLOG.
So, what caused the level difference between Java 8 and Java 11? In other words, what should be modified so that in Java 11, log can still work the same way as in Java 8?
The issue is resolved. Here is the reason.
I used a new Eclipse IDE to run Java 11, when adding a project, I added lib folder to the class path, since log4j2.xml was in the lib folder. Now I inspected the IDE configuration a second time and found out that the lib folder was not in the class path. After a second attempt, the configuration is fine and logging becomes normal.
I made a second test by adding a brand new project into the Eclipse IDE. Interestingly enough, when adding lib folder to the class path, indeed I had to try twice, because the first time it was not added. By the way, the computer runs Windows 10. This did not happen when using a computer running in Windows 7.
Regardless, Log4j2 works fine in both Java 8 and Java 11.

Tomcat 8.5 context path not working correctly

I have an application with the name cat_tiger.war that gets deployed as localhost:8080/cat_tiger but I want to change the context path to localhost:8080/cat/lion/ instead. I've added the META-INF/context.xml file as
<?xml version="1.0" encoding="UTF-8"?>
<Context copyXML="true" docBase="cat_tiger" path="/cat/lion"/>
and the server.xml file to be
<Host name="localhost" appBase="webapps"
copyXML="true" deployXML="true"
unpackWARs="true" autoDeploy="true">
but it still deploys as localhost:8080/cat_tiger/
Any ideas as to what else needs to be changed?
EDIT:
[1] Tomcat 8.5.3
[2]
04-Sep-2018 13:50:41.830 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDescriptor Deployment of configuration descriptor [/opt/tomcat/conf/Catalina/localhost/cat_tiger.xml] has finished in [2,750] ms
...
...
04-Sep-2018 13:50:39.070 WARNING [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDescriptor A docBase [/opt/tomcat/webapps/cat_tiger] inside the host appBase has been specified, and will be ignored
[3] I'm deploying through Netbeans but will have to be deployed in a Docker container eventually.
I don't understand why you are having problems, but I've created the web project using NetBeans 8.2 (File > New Project... > Java Web > Web Application), and successfully changed the context, so perhaps if I give details of my project you can identify where there's a crucial difference.
1 cat_tiger\web\META-INF\context.xml
My file looks identical to yours:
<?xml version="1.0" encoding="UTF-8"?>
<Context copyXML="true" docBase="cat_tiger" path="/cat/lion"/>
[2] Run output
Select the project node, right click and select Run from the popup menu to run on Tomcat 8.5:
ant -f D:\\NB82\\cat_tiger -Dnb.internal.action.name=run -Ddirectory.deployment.supported=true -DforceRedeploy=false -Dnb.wait.for.caches=true -Dbrowser.context=D:\\NB82\\cat_tiger -Duser.properties.file=C:\\Users\\johndoe\\AppData\\Roaming\\NetBeans\\8.2\\build.properties run
init:
deps-module-jar:
deps-ear-jar:
deps-jar:
library-inclusion-in-archive:
library-inclusion-in-manifest:
compile:
compile-jsps:
In-place deployment at D:\NB82\cat_tiger\build\web
Deployment is in progress...
deploy?config=file%3A%2FC%3A%2FUsers%2Fjohndoe%2FAppData%2FLocal%2FTemp%2Fcontext7953615149857268018.xml&path=/cat/lion
OK - Deployed application at context path [/cat/lion]
Start is in progress...
start?path=/cat/lion
OK - Started application at context path [/cat/lion]
run-deploy:
Browsing: http://localhost:8080/cat/lion
run-display-browser:
run:
BUILD SUCCESSFUL (total time: 0 seconds)
Actually, you probably don't need to run the application to see the problem; just select Deploy instead of Run from the popup menu. This is the output I get from Deploy:
ant -f D:\\NB82\\cat_tiger -Dnb.internal.action.name=redeploy -Ddirectory.deployment.supported=true -DforceRedeploy=true -Dnb.wait.for.caches=true -Dbrowser.context=D:\\NB82\\cat_tiger -Duser.properties.file=C:\\Users\\johndoe\\AppData\\Roaming\\NetBeans\\8.2\\build.properties run-deploy
init:
deps-module-jar:
deps-ear-jar:
deps-jar:
library-inclusion-in-archive:
library-inclusion-in-manifest:
compile:
compile-jsps:
Undeploying ...
undeploy?path=/cat_tiger
OK - Undeployed application at context path [/cat_tiger]
In-place deployment at D:\NB82\cat_tiger\build\web
Deployment is in progress...
deploy?config=file%3A%2FC%3A%2FUsers%2Fjohndoe%2FAppData%2FLocal%2FTemp%2Fcontext5063723197082921373.xml&path=/cat/lion
OK - Deployed application at context path [/cat/lion]
Start is in progress...
start?path=/cat/lion
OK - Started application at context path [/cat/lion]
run-deploy:
BUILD SUCCESSFUL (total time: 0 seconds)
[3] Tomcat log
Here are the deployment details in the Tomcat log, where you can see that my deployment shows the context correctly, whereas yours does not:
05-Sep-2018 23:09:09.321 INFO [http-nio-8080-exec-6] org.apache.catalina.startup.HostConfig.deployDescriptor Deploying configuration descriptor [C:\apache-tomcat-8.5.20\conf\Catalina\localhost\cat#lion.xml]
05-Sep-2018 23:09:09.334 INFO [http-nio-8080-exec-6] org.apache.catalina.startup.HostConfig.deployDescriptor Deployment of configuration descriptor [C:\apache-tomcat-8.5.20\conf\Catalina\localhost\cat#lion.xml] has finished in [13] ms
05-Sep-2018 23:09:09.338 INFO [http-nio-8080-exec-5] org.apache.catalina.util.LifecycleBase.start The start() method was called on component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/cat/lion]] after start() had already been called. The second call will be ignored.
[4] C:\apache-tomcat-8.5.20\conf\Catalina\localhost\cat#lion.xml
This is the file Tomcat created when deploying the application:
<?xml version="1.0" encoding="UTF-8"?>
<Context copyXML="true" docBase="D:\NB82\cat_tiger\build\web" path="/cat/lion"/>
Note that docBase contains an absolute path.
[5] server.xml
Here's the entire content. I'm using Tomcat 8.5. Note that the <host> element is slightly different to yours, but when I added copyXML="true" deployXML="true" to the <host> element (so it looked like yours) everything continued to work fine:
<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener"/>
<Listener SSLEngine="on" className="org.apache.catalina.core.AprLifecycleListener"/>
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>
<GlobalNamingResources>
<Resource auth="Container" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" name="UserDatabase" pathname="conf/tomcat-users.xml" type="org.apache.catalina.UserDatabase"/>
</GlobalNamingResources>
<Service name="Catalina">
<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443" relaxedQueryChars="[]|{}^+\`"<>"/>
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
<Engine defaultHost="localhost" name="Catalina">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
</Realm>
<Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" pattern="%h %l %u %t "%r" %s %b" prefix="localhost_access_log" suffix=".txt"/>
<Context docBase="C:\apache-tomcat-8.5.20\wtpwebapps\PlusServlet" path="/PlusServlet" reloadable="true" source="org.eclipse.jst.jee.server:PlusServlet"/>
</Host>
</Engine>
</Service>
</Server>
Updated 9/6/2018:
Ignore the answer given above! Even though it happened to work for my configuration, the approach is explicitly disallowed in the Tomcat documentation.
Specifically, path should not be specified within the <Context> of a context.xml file placed within the application's META-INF directory. From the path description in the Common Attributes section of the Tomcat 8.5 documentation for the Context Container:
This attribute must only be used when statically defining a Context in
server.xml. In all other circumstances, the path will be inferred from
the filenames used for either the .xml context file or the docBase.
Even when statically defining a Context in server.xml, this attribute
must not be set unless either the docBase is not located under the
Host's appBase or both deployOnStartup and autoDeploy are false. If
this rule is not followed, double deployment is likely to result.

Setting java.io.tmpdir in Wildfly 8.2

I am attempting to set the location of the system property java.io.tmpdir to something other than the default "/tmp" in my standalone.xml file.
I have added the following element after the <extensions> element:
<system-properties>
<property name="java.io.tmpdir" value="/tmp/wildfly"/>
</system-properties>
However, when I start up wildfly, I see this in the log file:
java.io.tmpdir = /tmp
I don't see anywhere in any of the bin*.conf files or the bin*.sh files that's setting this... what am I missing?
Thanks.

liquibase future rollback error with sqlFile tag: File not found

I've added the future-rollback tag to my ant script. What i want to do (and I think future-rollback is what Im looking for) is to generate an sql rollback script, but without executing it (rollback script must be delivered with sql scripts is the requirement from my client).
My changelog file has many changesets, some of which contain the <sqlFile> tag.
For example:
<databaseChangeLog ...>
<include file="latest/somesqlprocedure.xml" relativeToChangelogFile="true"/>
</databaseChangelog...>
Where the latest/somesqlprocedure.xml has an sqlFile tag.
<databaseChangeLog
xmlns="http://www.liquibase.org/xml/ns/dbchangelog/1.9"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog/1.9 http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-1.9.xsd">
<sqlFile path="${changelog.dir}/latest/myprocedure.sql" splitStatements="false" />
</changeSet>
</databaseChangeLog>
When I run the ant script, I get the following error
liquibase.exception.ChangeLogParseException:
Invalid Migration File: <sqlfile
path=${changelog.dir}/latest/myprocedure.sql>
- Could not find file
Does anyone has an idea of whats going on ?
This is a snippet of the build.xml file
<target name="db-future-rollback" depends="init">
<rollbackFutureDatabase
changeLogFile="${db.changelog.file}"
driver="${database.driver}"
url="${database.url}"
username="${database.username}"
password="${database.password}"
outputfile="${database.rollback.dir}"
promptOnNonLocalDatabase="${prompt.user.if.not.local.database}"
classpathref="project.classpath"
>
</rollbackFutureDatabase>
</target>
Thanks in advance.
The problem may be coming from using an absolute path in your sqlFile, rather than a classpath-relative path. The classpath relative path was what was originally supported in liquibase and is still better tested. The absolute path option was added recently, and the futureRollbackSql code may have not been patched to support it.
Can you try the sqlFile using a relative path?
As a side note, the relative path option is generally better because the filename is used in the databasechangelog table to note which changeSets have ran. If you use an absolute path, the entire path is stored and if you try to re-run the changelog from a different path (or running against the same database from a different machine), liquibase will think it is a different changeSet and try to re-run it.

Resources