struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Snowball RC"<craf....@gmail.com>
Subject Re: What is the best way to get all JSON params in custom Interceptor to log them all in a custom logger ?
Date Thu, 23 Mar 2017 13:28:39 GMT


On 2017-03-23 14:23 (+0100), Christoph Nenning <Christoph.Nenning@lex-com.net> wrote:

> > <Christoph.Nenning@lex-com.net> wrote: 
> > > Hi,
> > > 
> > > AFAIK that is defined in servlet spec. Only parameters with 
> content-type "
> > > application/x-www-form-urlencoded" are made available via 
> getParameters(). 
> > > The struts method you mentioned just forwards to according method of 
> > > servlet api.
> > > 
> > > Your json data can only be read by consuming request inputstream. If 
> you 
> > > do so in your interceptor it is not available anymore to your actions 
> (or 
> > > struts json interceptor) so you must rewrite them, too.
> > > 
> > > Regards,
> > > Christoph
> > > 
> > > 
> > > 
> > > > From: "Snowball RC" <craf.pro@gmail.com>
> > > > To: <user@struts.apache.org>, 
> > > > Date: 23.03.2017 11:28
> > > > Subject: What is the best way to get all JSON params in custom 
> > > > Interceptor to log them all in a custom logger ?
> > > > 
> > > > Hi,
> > > > 
> > > > I am trying to implement a custom Interceptor to have a global 
> > > > custom "security" logger in my web app.
> > > > 
> > > > The target is to log all the datas sended to the server during 
> > > > update, save, delete etc... to have a custom logger for security 
> > > reasons.
> > > > 
> > > > In case of GET and POST (query string param or form data without 
> > > > json object) : 
> > > > HttpParameters httpParameters = 
> > > ActionContext.getContext().getParameters();
> > > > works fine.
> > > > 
> > > > But in case of json params in POST (request payload) the previous 
> > > > code doesn't works
> > > > when the params is serialize via : JSON.stringify(...)
> > > > 
> > > > code sample: 
> > > > jQuery.ajax({
> > > >    type: 'POST', 
> > > >    url: url, 
> > > >    data: JSON.stringify(data),
> > > >    dataType: 'json',
> > > >    async: false ,
> > > >    contentType: 'application/json; charset=utf-8',
> > > >    success: function(){
> > > >        self.load();
> > > >    },
> > > >    error: function(data) {
> > > >        if (data.responseText) {
> > > >           var error = JSON.parse(data.responseText);
> > > >        }
> > > >    }
> > > > 
> > > > My custom Interceptor is added at the end of my stack after the json
> > > > interceptor like this :
> > > >         <interceptor-ref name="json">
> > > >               <param name="contentType">application/json</param>
> > > >           </interceptor-ref>
> > > >           <interceptor-ref name="commonSecurityLogger"/>
> > > > </interceptor-stack>
> > > > 
> > > > 
> > > > 
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > For additional commands, e-mail: user-help@struts.apache.org
> > > > 
> > > 
> > > This Email was scanned by Sophos Anti Virus
> > > 
> > You are right I have tried to use "request.getReader()" and after 
> > the json object was not available anymore.
> > How can I rewrite them ? Should I do the same like in JSONInterceptor ?
> > 
> 
> 
> Well, when your interceptor reads the inputsream it has to preserve data 
> in memory in some way and your actions must read it from there.
> 
> You can try to copy the inputstream to a byte array first (by using 
> ByteArrayOutputStream) and wrap request.getInputStream() with a 
> ByteArrayInputStream pointing to same byte array. Of course that will 
> cause issues if your users upload large amount of data.
> 
> 
> Regards,
> Christoph
> 
> This Email was scanned by Sophos Anti Virus
> 
So It is possible in my web app to post large amount of data...

I am trying to use the reflexion API to retrieve all getter of actions and then try to get
one by one getters... 

I don't think if it's a better solution to do that.

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message