Open
Description
There at least 2 cases when userId isn't logged for logged in user:
- when we trigger an error like this:
//404
In this case we got RequestRejectedException (that shouldn't be there actually, see RequestRejectedExceptions pollute logs #1068)
Example:
2019-07-29 00:23:56.694 [user: ] WARN 11130 --- [qtp335915908-34] o.eclipse.jetty.servlet.ServletHandler : //404
org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL was not normalized.
at org.springframework.security.web.firewall.StrictHttpFirewall.getFirewalledRequest(StrictHttpFirewall.java:248) ~[spring-security-web-4.2.12.RELEASE.jar:4.2.12.RELEASE]
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:193) ~[spring-security-web-4.2.12.RELEASE.jar:4.2.12.RELEASE]
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) ~[spring-security-web-4.2.12.RELEASE.jar:4.2.12.RELEASE]
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347) ~[spring-web-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263) ~[spring-web-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) ~[jetty-servlet-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) ~[spring-web-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) ~[jetty-servlet-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109) ~[spring-web-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) ~[jetty-servlet-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93) ~[spring-web-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) ~[jetty-servlet-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585) [jetty-servlet-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [jetty-server-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577) [jetty-security-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223) [jetty-server-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127) [jetty-server-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515) [jetty-servlet-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) [jetty-server-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061) [jetty-server-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [jetty-server-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.servlets.gzip.GzipHandler.handle(GzipHandler.java:479) [jetty-servlets-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) [jetty-server-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.server.Server.handle(Server.java:499) [jetty-server-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311) [jetty-server-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:258) [jetty-server-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544) [jetty-io-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635) [jetty-util-9.2.28.v20190418.jar:9.2.28.v20190418]
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555) [jetty-util-9.2.28.v20190418.jar:9.2.28.v20190418]
at java.lang.Thread.run(Thread.java:748) [na:1.8.0_202]
- in another case, we got 404 error for a long URL. In this case, we able to get userId and even saves it to database, but a log message doesn't include it.
Example:
2019-07-29 22:04:13.364 [user: ] DEBUG 12600 --- [tp1108322555-34] r.m.w.s.s.s.CustomUserDetailsService : Find user by login 'admin'
2019-07-29 22:04:13.367 [user: ] DEBUG 12600 --- [tp1108322555-34] r.m.w.s.s.s.CustomUserDetailsService : User 'admin' found
2019-07-29 22:04:37.621 [user: ] WARN 12600 --- [cTaskExecutor-2] r.m.web.feature.site.SiteServiceImpl : Length of '/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest/testtesttest' exceeds max length for 'page' field: 377 > 100