1

Spring Boot REST 应用程序在这里。我正在尝试配置 Spring Boot 请求审核,以记录任何资源/控制器接收到的每个 HTTP 请求,其中包含以下信息:

  1. 我需要在日志中查看客户端请求的确切 HTTP URL(路径),包括 HTTP 方法和任何查询字符串参数;和
  2. 如果有请求正文(例如带有 POST 或 PUT),我还需要在日志中查看该正文的内容

到目前为止我最好的尝试:

@Component
public class MyAppAuditor {
    private Logger logger;

    @EventListener
    public void handleAuditEvent(AuditApplicationEvent auditApplicationEvent) {
        logger.info(auditApplicationEvent.auditEvent);
    }
}

public class AuditingTraceRepository implements TraceRepository {
    @Autowired
    private ApplicationEventPublisher applicationEventPublisher

    @Override
    List<Trace> findAll() {
        throw new UnsupportedOperationException("We don't expose trace information via /trace!");
    }

    @Override
    void add(Map<String, Object> traceInfo) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        AuditEvent traceRequestEvent = new AuditEvent(new Date(), "SomeUser", 'http.request.trace', traceInfo);
        AuditApplicationEvent traceRequestAppEvent = new AuditApplicationEvent(traceRequestEvent);

        applicationEventPublisher.publishEvent(traceRequestAppEvent);
    }
}

但是在运行时,如果我使用以下 curl 命令:

curl -i -H "Content-Type: application/json" -X GET 'http://localhost:9200/v1/data/profiles?continent=NA&country=US&isMale=0&height=1.5&dob=range('1980-01-01','1990-01-01')'

然后我只看到以下日志消息(MyAppAuditor发送审计事件):

{ "timestamp" : "14:09:50.516", "thread" : "qtp1293252487-17", "level" : "INFO", "logger" : "com.myapp.ws.shared.auditing.MyAppAuditor", "message" : {"timestamp":"2018-06-29T18:09:50+0000","principal":"SomeUser","type":"http.request.trace","data":{"method":"GET","path":"/v1/data/profiles","headers":{"request":{"User-Agent":"curl/7.54.0","Host":"localhost:9200","Accept":"*/*","Content-Type":"application/json"},"response":{"X-Frame-Options":"DENY","Cache-Control":"no-cache, no-store, max-age=0, must-revalidate","X-Content-Type-Options":"nosniff","Pragma":"no-cache","Expires":"0","X-XSS-Protection":"1; mode=block","X-Application-Context":"application:9200","Date":"Fri, 29 Jun 2018 18:09:50 GMT","Content-Type":"application/json;charset=utf-8","status":"200"}},"timeTaken":"89"}} }

如您所见,审计员正在获取基本路径 ( /v1/data/profiles),但没有记录任何查询字符串参数。当我点击需要请求正文 (JSON) 的 POST 或 PUT 端点时,我也看到类似的请求正文信息缺失。

我需要做什么来配置这些类(或其他 Spring 类/配置),以便获得我正在寻找的请求审计级别?

4

1 回答 1

2

幸运的是,Actuator 使配置这些Trace事件变得非常容易。

参数添加到跟踪信息

您可以查看所有选项。您会注意到默认值 ( line 42) 是:

Include.REQUEST_HEADERS, 
Include.RESPONSE_HEADERS, 
Include.COOKIES, 
Include.ERRORS, 
Include.TIME_TAKEN

因此,您还需要添加Include.PARAMETERS以及您希望在跟踪中包含的任何其他内容。要配置它,有一个配置属性 that management.trace.include

因此,要获得您想要的(即parameters),加上默认值,您将拥有:

management.trace.include = parameters, request-headers, response-headers, cookies, errors, time-taken

请求正文添加到跟踪信息

为了获得body,您必须将其添加Bean到您的Context

@Component
public class WebRequestTraceFilterWithPayload extends WebRequestTraceFilter {

    public WebRequestTraceFilterWithPayload(TraceRepository repository, TraceProperties properties) {
        super(repository, properties);
    }

    @Override
    protected Map<String, Object> getTrace(HttpServletRequest request) {
        Map<String, Object> trace = super.getTrace(request);

        String body = null;
        try {
            body = request.getReader().lines().collect(Collectors.joining("\n"));
        } catch (IOException e) {
            throw new RuntimeException(e);
        }

        if(body != null) {
            trace.put("body", body);
        }

        return trace;
    }

}

上面的代码将覆盖AutoConfigure'd WebRequestTraceFilterbean(因为它@ConditionalOnMissingBean会尊重您的自定义 bean),并将额外的有效负载属性从 bean 中提取出来,request然后将其添加到Map发布到您的TraceRepository!

概括

  1. 可以TraceRepository trace events通过management.trace.include属性添加请求参数
  2. 可以通过创建扩展来读取HTTP 请求并补充跟踪事件来添加请求正文TraceRepository trace eventsBeanbody
于 2018-07-03T16:51:12.793 回答