[jira] [Created] (BROOKLYN-157) Excessive repeated logging when "Disallowing web request as server not in required startup-completed state"

Fri, 31 Jul 2015 01:29:40 -0700 

Aled Sage created BROOKLYN-157:
----------------------------------

             Summary: Excessive repeated logging when "Disallowing web request 
as server not in required startup-completed state"
                 Key: BROOKLYN-157
                 URL: https://issues.apache.org/jira/browse/BROOKLYN-157
             Project: Brooklyn
          Issue Type: Bug
            Reporter: Aled Sage
            Priority: Trivial


When restarting the Brooklyn server, I see a lot of log.warn messages like that 
below. This would presumably also happen if someone had a browser tab open (or 
cron job for API calls) that pointed at the standby server.

{noformat}
2015-07-31 09:19:13,749 WARN  Disallowing web request as server not in required 
startup-completed state: 
com.sun.jersey.spi.container.ContainerRequest@44de6bae/AbstractResourceMethod(ApplicationApi#list)
 (caller should set 'Brooklyn-Allow-Non-Master-Access' to force)
{noformat}

It could lead to far too much logging, with the info log file being flooded 
with uninteresting messages. (Note these only get logged for authenticated 
users).

Ideally, we should log.warn the first time and decrease that to debug. Even 
better, if we could log.warn for each user/ip.

---
Note that if requests are repeatedly sent with the wrong credentials then two 
log messages are logged at debug. That is probably the right thing to do. It 
could fill up our log if there is a denial of service attack, but then we also 
need to record what was happening in such a situation.

{noformat}
2015-07-31 09:23:42,850 DEBUG b.r.s.p.DelegatingSecurityProvider 
[brooklyn-jetty-server-8081-qtp595385051-25]: Failed authentication for user 
null with provider 
brooklyn.rest.security.provider.ExplicitUsersSecurityProvider@5ceb8a4d
2015-07-31 09:23:45,769 DEBUG b.r.s.p.ExplicitUsersSecurityProvider 
[brooklyn-jetty-server-8081-qtp595385051-26]: REST rejecting unknown user afe
2015-07-31 09:23:45,769 DEBUG b.r.s.p.DelegatingSecurityProvider 
[brooklyn-jetty-server-8081-qtp595385051-26]: Failed authentication for user 
afe with provider 
brooklyn.rest.security.provider.ExplicitUsersSecurityProvider@5ceb8a4d
{noformat}




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to