2016-01-18 22:13 GMT+09:00 <[email protected]>: > Author: markt > Date: Mon Jan 18 13:13:35 2016 > New Revision: 1725263 > > URL: http://svn.apache.org/viewvc?rev=1725263&view=rev > Log: > Expand the session attribute filtering options > - new option to filter based on implementation class of value > - new option to log a warning message if an attribute is filtered out > - always log a message at at least debug level if an attribute is filtered > out > > Modified: > tomcat/trunk/java/org/apache/catalina/ha/session/mbeans-descriptors.xml > tomcat/trunk/java/org/apache/catalina/session/LocalStrings.properties > tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java > tomcat/trunk/java/org/apache/catalina/session/mbeans-descriptors.xml > tomcat/trunk/webapps/docs/changelog.xml > tomcat/trunk/webapps/docs/config/cluster-manager.xml > tomcat/trunk/webapps/docs/config/manager.xml > > Modified: > tomcat/trunk/java/org/apache/catalina/ha/session/mbeans-descriptors.xml > URL: > http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ha/session/mbeans-descriptors.xml?rev=1725263&r1=1725262&r2=1725263&view=diff > > ============================================================================== > --- > tomcat/trunk/java/org/apache/catalina/ha/session/mbeans-descriptors.xml > (original) > +++ > tomcat/trunk/java/org/apache/catalina/ha/session/mbeans-descriptors.xml Mon > Jan 18 13:13:35 2016 > @@ -314,6 +314,14 @@ > name="sessionAttributeNameFilter" > descritpion="The string pattern used for including session > attributes in replication. Null means all attributes are included." > type="java.lang.String"/> > + <attribute > + name="sessionAttributeValueClassNameFilter" > + description="The regular expression used to filter session > attributes based on the implementation class of the value. The regular > expression is anchored and must match the fully qualified class name." > + type="java.lang.String"/> > + <attribute > + name="warnOnSessionAttributeFilterFailure" > + description="Should a WARN level log message be generated if a > session attribute fails to match sessionAttributeNameFilter or > sessionAttributeClassNameFilter?" > + type="boolean"/> > <operation > name="expireSession" > description="Expired the given session" > @@ -536,6 +544,14 @@ > name="sessionAttributeNameFilter" > descritpion="The string pattern used for including session > attributes in replication. Null means all attributes are included." > type="java.lang.String"/> > + <attribute > + name="sessionAttributeValueClassNameFilter" > + description="The regular expression used to filter session > attributes based on the implementation class of the value. The regular > expression is anchored and must match the fully qualified class name." > + type="java.lang.String"/> > + <attribute > + name="warnOnSessionAttributeFilterFailure" > + description="Should a WARN level log message be generated if a > session attribute fails to match sessionAttributeNameFilter or > sessionAttributeClassNameFilter?" > + type="boolean"/> > <operation > name="expireSession" > description="Expired the given session" > > Modified: > tomcat/trunk/java/org/apache/catalina/session/LocalStrings.properties > URL: > http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/session/LocalStrings.properties?rev=1725263&r1=1725262&r2=1725263&view=diff > > ============================================================================== > --- tomcat/trunk/java/org/apache/catalina/session/LocalStrings.properties > (original) > +++ tomcat/trunk/java/org/apache/catalina/session/LocalStrings.properties > Mon Jan 18 13:13:35 2016 > @@ -32,6 +32,8 @@ JDBCStore.missingDataSourceName=No valid > JDBCStore.commitSQLException=SQLException committing connection before > closing > managerBase.container.noop=Managers added to containers other than > Contexts will never be used > managerBase.createSession.ise=createSession: Too many active sessions > +managerBase.sessionAttributeNameFilter=Skipped session attribute named > [{0}] because it did not match the name filter [{1}] > +managerBase.sessionAttributeValueClassNameFilter=Skipped session > attribute named [{0}] because the value type [{1}] did not match the filter > [{2}] > managerBase.sessionTimeout=Invalid session timeout setting {0} > standardManager.loading=Loading persisted sessions from {0} > standardManager.loading.exception=Exception while loading persisted > sessions > > Modified: tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java > URL: > http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java?rev=1725263&r1=1725262&r2=1725263&view=diff > > ============================================================================== > --- tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java > (original) > +++ tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java Mon Jan > 18 13:13:35 2016 > @@ -203,6 +203,10 @@ public abstract class ManagerBase extend > > private Pattern sessionAttributeNamePattern; > > + private Pattern sessionAttributeValueClassNamePattern; > + > + private boolean warnOnSessionAttributeFilterFailure; > + > > // ------------------------------------------------------------- > Properties > > @@ -257,6 +261,86 @@ public abstract class ManagerBase extend > } > > > + /** > + * Obtain the regular expression used to filter session attribute > based on > + * the implementation class of the value. The regular expression is > anchored > + * and must match the fully qualified class name. > + * > + * @return The regular expression currently used to filter class > names. > + * {@code null} means no filter is applied. If an empty > string is > + * specified then no names will match the filter and all > attributes > + * will be blocked. > + */ > + public String getSessionAttributeValueClassNameFilter() { > + if (sessionAttributeValueClassNamePattern == null) { > + return null; > + } > + return sessionAttributeValueClassNamePattern.toString(); > + } > + > + > + /** > + * Provides {@link #getSessionAttributeValueClassNameFilter()} as a > + * pre-compiled regular expression pattern. > + * > + * @return The pre-compiled pattern used to filter session attributes > based > + * on the implementation class name of the value. {@code > null} means > + * no filter is applied. > + */ > + protected Pattern getSessionAttributeValueClassNamePattern() { > + return sessionAttributeValueClassNamePattern; > + } > + > + > + /** > + * Set the regular expression to use to filter classes used for > session > + * attributes. The regular expression is anchored and must match the > fully > + * qualified class name. > + * > + * @param sessionAttributeValueClassNameFilter The regular expression > to use > + * to filter session attributes based on class name. Use > {@code > + * null} if no filtering is required. If an empty string is > + * specified then no names will match the filter and all > + * attributes will be blocked. > + * > + * @throws PatternSyntaxException If the expression is not valid > + */ > + public void setSessionAttributeValueClassNameFilter(String > sessionAttributeValueClassNameFilter) > + throws PatternSyntaxException { > + if (sessionAttributeValueClassNameFilter == null || > + sessionAttributeValueClassNameFilter.length() == 0) { > + sessionAttributeValueClassNamePattern = null; > + } > + sessionAttributeValueClassNamePattern = > + Pattern.compile(sessionAttributeValueClassNameFilter); > + } > + > + > + /** > + * Should a warn level log message be generated if a session > attribute is > + * not persisted / replicated / restored. > + * > + * @return {@code true} if a warn level log message should be > generated > + */ > + public boolean getWarnOnSessionAttributeFilterFailure() { > + return warnOnSessionAttributeFilterFailure; > + } > + > + > + /** > + * Configure whether or not a warn level log message should be > generated if > + * a session attribute is not persisted / replicated / restored. > + * > + * @param warnOnSessionAttributeFilterFailure {@code true} if the > + * warn level message should be generated > + * > + */ > + public void setWarnOnSessionAttributeFilterFailure( > + boolean warnOnSessionAttributeFilterFailure) { > + this.warnOnSessionAttributeFilterFailure = > warnOnSessionAttributeFilterFailure; > + } > + > + > @Override > public Context getContext() { > return context; > @@ -719,10 +803,39 @@ public abstract class ManagerBase extend > @Override > public boolean willAttributeDistribute(String name, Object value) { > Pattern sessionAttributeNamePattern = > getSessionAttributeNamePattern(); > - if (sessionAttributeNamePattern == null) { > - return true; > + if (sessionAttributeNamePattern != null) { > + if (!sessionAttributeNamePattern.matcher(name).matches()) { > + if (getWarnOnSessionAttributeFilterFailure() || > log.isDebugEnabled()) { > + String msg = > sm.getString("managerBase.sessionAttributeNameFilter", > + name, sessionAttributeNamePattern); > + if (getWarnOnSessionAttributeFilterFailure()) { > + log.warn(msg); > + } else { > + log.debug(msg); > + } > + } > + return false; > + } > + } > + > + Pattern sessionAttributeValueClassNamePattern = > getSessionAttributeValueClassNamePattern(); > + if (value != null && sessionAttributeValueClassNamePattern != > null) { > + if (!sessionAttributeValueClassNamePattern.matcher( > + value.getClass().getName()).matches()) { > + if (getWarnOnSessionAttributeFilterFailure() || > log.isDebugEnabled()) { > + String msg = > sm.getString("managerBase.sessionAttributeValueClassNameFilter", > + name, value.getClass().getName(), > sessionAttributeNamePattern); > + if (getWarnOnSessionAttributeFilterFailure()) { > + log.warn(msg); > + } else { > + log.debug(msg); > + } > + } > + return false; > + } > } > - return sessionAttributeNamePattern.matcher(name).matches(); > + > + return true; > } > > > > Modified: > tomcat/trunk/java/org/apache/catalina/session/mbeans-descriptors.xml > URL: > http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/session/mbeans-descriptors.xml?rev=1725263&r1=1725262&r2=1725263&view=diff > > ============================================================================== > --- tomcat/trunk/java/org/apache/catalina/session/mbeans-descriptors.xml > (original) > +++ tomcat/trunk/java/org/apache/catalina/session/mbeans-descriptors.xml > Mon Jan 18 13:13:35 2016 > @@ -132,6 +132,14 @@ > descritpion="The string pattern used for including session > attributes in distribution. Null means all attributes are included." > type="java.lang.String"/> > > + <attribute name="sessionAttributeValueClassNameFilter" > + description="The regular expression used to filter session > attributes based on the implementation class of the value. The regular > expression is anchored and must match the fully qualified class name." > + type="java.lang.String"/> > + > + <attribute name="warnOnSessionAttributeFilterFailure" > + description="Should a WARN level log message be generated if a > session attribute fails to match sessionAttributeNameFilter or > sessionAttributeClassNameFilter?" > + type="boolean"/> > + > <operation name="backgroundProcess" > description="Invalidate all sessions that have expired." > impact="ACTION" > @@ -319,6 +327,14 @@ > descritpion="The string pattern used for including session > attributes in distribution. Null means all attributes are included." > type="java.lang.String"/> > > + <attribute name="sessionAttributeValueClassNameFilter" > + description="The regular expression used to filter session > attributes based on the implementation class of the value. The regular > expression is anchored and must match the fully qualified class name." > + type="java.lang.String"/> > + > + <attribute name="warnOnSessionAttributeFilterFailure" > + description="Should a WARN level log message be generated if a > session attribute fails to match sessionAttributeNameFilter or > sessionAttributeClassNameFilter?" > + type="boolean"/> > + > <operation name="backgroundProcess" > description="Invalidate all sessions that have expired." > impact="ACTION" > > Modified: tomcat/trunk/webapps/docs/changelog.xml > URL: > http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1725263&r1=1725262&r2=1725263&view=diff > > ============================================================================== > --- tomcat/trunk/webapps/docs/changelog.xml (original) > +++ tomcat/trunk/webapps/docs/changelog.xml Mon Jan 18 13:13:35 2016 > @@ -207,6 +207,13 @@ > well as unload to ensure that configuration changes made while > the web > application is stopped are applied to any persisted data. (markt) > </add> > + <add> > + Extend the session attribute filtering options to include > filtering > + based on the implementation class of the value and optional > + <code>WARN</code> level logging if an attribute is filtered. These > + options are avaialble for all of the Manager implementations that > ship > + with Tomcat. (markt) > + </add> > </changelog> > </subsection> > <subsection name="Coyote"> > > Modified: tomcat/trunk/webapps/docs/config/cluster-manager.xml > URL: > http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/cluster-manager.xml?rev=1725263&r1=1725262&r2=1725263&view=diff > > ============================================================================== > --- tomcat/trunk/webapps/docs/config/cluster-manager.xml (original) > +++ tomcat/trunk/webapps/docs/config/cluster-manager.xml Mon Jan 18 > 13:13:35 2016 > @@ -77,17 +77,6 @@ > when session attributes are being replicated or removed across > Tomcat > nodes in the cluster. > </attribute> > - <attribute name="sessionAttributeNameFilter" required="false"> > - A regular expression used to filter which session attributes will > be > - replicated. An attribute will only be replicated if its name > matches > - this pattern. If the pattern is zero length or <code>null</code>, > all > - attributes are eligible for replication. The pattern is anchored > so the > - session attribute name must fully match the pattern. As an > example, the > - value <code>(userName|sessionHistory)</code> will only replicate > the > - two session attributes named <code>userName</code> and > - <code>sessionHistory</code>. If not specified, the default value > of > - <code>null</code> will be used. > - </attribute> > <attribute name="maxInactiveInterval" required="false"> > <p>The initial maximum time interval, in seconds, > between client requests before a session is invalidated. A > negative value > @@ -184,6 +173,26 @@ > effective only when <code>sendAllSessions</code> is > <code>false</code>. > Default is <code>2000</code> milliseconds. > </attribute> > + <attribute name="sessionAttributeNameFilter" required="false"> > + <p>A regular expression used to filter which session attributes > will be > + replicated. An attribute will only be replicated if its name > matches > + this pattern. If the pattern is zero length or <code>null</code>, > all > + attributes are eligible for replication. The pattern is anchored > so the > + session attribute name must fully match the pattern. As an > example, the > + value <code>(userName|sessionHistory)</code> will only replicate > the > + two session attributes named <code>userName</code> and > + <code>sessionHistory</code>. If not specified, the default value > of > + <code>null</code> will be used.</p> > + </attribute> > + <attribute name="sessionAttributeValueClassNameFilter" > required="false"> > + <p>A regular expression used to filter which session attributes > will be > + replicated. An attribute will only be replicated if the > implementation > + class name of the value matches this pattern. If the pattern is > zero > + length or <code>null</code>, all attributes are eligible for > + replication. The pattern is anchored so the fully qualified class > name > + must fully match the pattern. If not specified, the default value > of > + <code>null</code> will be used.</p> > + </attribute> > <attribute name="stateTimestampDrop" required="false"> > When this node sends a <code>GET_ALL_SESSIONS</code> message to > other > node, all session messages that are received as a response are > queued. > @@ -195,6 +204,14 @@ > If set to <code>false</code>, all queued session messages are > handled. > Default is <code>true</code>. > </attribute> > + <attribute name="warnOnSessionAttributeFilterFailure" > required="false"> > + <p>If <strong>sessionAttributeNameFilter</strong> or > + <strong>sessionAttributeValueClassNameFilter</strong> blocks an > + attribute, should this be logged at <code>WARN</code> level? If > + <code>WARN</code> level logging is disabled then it will be > logged at > + <code>DEBUG</code>. The default value of this attribute is > + <code>false</code>.</p> > + </attribute> > </attributes> > </subsection> > <subsection name="org.apache.catalina.ha.session.BackupManager > Attributes"> > @@ -218,6 +235,26 @@ > another map. > Default value is <code>15000</code> milliseconds. > </attribute> > + <attribute name="sessionAttributeNameFilter" required="false"> > + <p>A regular expression used to filter which session attributes > will be > + replicated. An attribute will only be replicated if its name > matches > + this pattern. If the pattern is zero length or <code>null</code>, > all > + attributes are eligible for replication. The pattern is anchored > so the > + session attribute name must fully match the pattern. As an > example, the > + value <code>(userName|sessionHistory)</code> will only replicate > the > + two session attributes named <code>userName</code> and > + <code>sessionHistory</code>. If not specified, the default value > of > + <code>null</code> will be used.</p> > + </attribute> > + <attribute name="sessionAttributeValueClassNameFilter" > required="false"> > + <p>A regular expression used to filter which session attributes > will be > + replicated. An attribute will only be replicated if the > implementation > + class name of the value matches this pattern. If the pattern is > zero > + length or <code>null</code>, all attributes are eligible for > + replication. The pattern is anchored so the fully qualified class > name > + must fully match the pattern. If not specified, the default value > of > + <code>null</code> will be used.</p> > + </attribute> > <attribute name="terminateOnStartFailure" required="false"> > Set to true if you wish to terminate replication map when > replication > map fails to start. If replication map is terminated, associated > context > @@ -225,6 +262,14 @@ > does not end. It will try to join the map membership in the > heartbeat. > Default value is <code>false</code> . > </attribute> > + <attribute name="warnOnSessionAttributeFilterFailure" > required="false"> > + <p>If <strong>sessionAttributeNameFilter</strong> or > + <strong>sessionAttributeValueClassNameFilter</strong> blocks an > + attribute, should this be logged at <code>WARN</code> level? If > + <code>WARN</code> level logging is disabled then it will be > logged at > + <code>DEBUG</code>. The default value of this attribute is > + <code>false</code>.</p> > + </attribute> > </attributes> > </subsection> > </section> > > Modified: tomcat/trunk/webapps/docs/config/manager.xml > URL: > http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/manager.xml?rev=1725263&r1=1725262&r2=1725263&view=diff > > ============================================================================== > --- tomcat/trunk/webapps/docs/config/manager.xml (original) > +++ tomcat/trunk/webapps/docs/config/manager.xml Mon Jan 18 13:13:35 2016 > @@ -167,7 +167,7 @@ > </attribute> > > <attribute name="sessionAttributeNameFilter" required="false"> > - A regular expression used to filter which session attributes will > be > + <p>A regular expression used to filter which session attributes > will be > distributed. An attribute will only be distributed if its name > matches > this pattern. If the pattern is zero length or <code>null</code>, > all > attributes are eligible for distribution. The pattern is anchored > so the > @@ -175,7 +175,26 @@ > value <code>(userName|sessionHistory)</code> will only distribute > the > two session attributes named <code>userName</code> and > <code>sessionHistory</code>. If not specified, the default value > of > - <code>null</code> will be used. > + <code>null</code> will be used.</p> > + </attribute> > + > + <attribute name="sessionAttributeValueClassNameFilter" > required="false"> > + <p>A regular expression used to filter which session attributes > will be > + distributed. An attribute will only be distributed if the > implementation > + class name of the value matches this pattern. If the pattern is > zero > + length or <code>null</code>, all attributes are eligible for > + distribution. The pattern is anchored so the fully qualified > class name > + must fully match the pattern. If not specified, the default value > of > + <code>null</code> will be used.</p> > + </attribute> > + > + <attribute name="warnOnSessionAttributeFilterFailure" > required="false"> > + <p>If <strong>sessionAttributeNameFilter</strong> or > + <strong>sessionAttributeValueClassNameFilter</strong> blocks an > + attribute, should this be logged at <code>WARN</code> level? If > + <code>WARN</code> level logging is disabled then it will be > logged at > + <code>DEBUG</code>. The default value of this attribute is > + <code>false</code>.</p> > </attribute> > </attributes> > > @@ -266,8 +285,9 @@ > <code>org.apache.catalina.session.StandardManager</code> class. > </p> > </attribute> > + > <attribute name="sessionAttributeNameFilter" required="false"> > - A regular expression used to filter which session attributes will > be > + <p>A regular expression used to filter which session attributes > will be > distributed. An attribute will only be distributed if its name > matches > this pattern. If the pattern is zero length or <code>null</code>, > all > attributes are eligible for distribution. The pattern is anchored > so the > @@ -275,7 +295,26 @@ > value <code>(userName|sessionHistory)</code> will only distribute > the > two session attributes named <code>userName</code> and > <code>sessionHistory</code>. If not specified, the default value > of > - <code>null</code> will be used. > + <code>null</code> will be used.</p> > + </attribute> > + > + <attribute name="sessionAttributeValueClassNameFilter" > required="false"> > + <p>A regular expression used to filter which session attributes > will be > + distributed. An attribute will only be distributed if the > implementation > + class name of the value matches this pattern. If the pattern is > zero > + length or <code>null</code>, all attributes are eligible for > + distribution. The pattern is anchored so the fully qualified > class name > + must fully match the pattern. If not specified, the default value > of > + <code>null</code> will be used.</p> > + </attribute> > + > + <attribute name="warnOnSessionAttributeFilterFailure" > required="false"> > + <p>If <strong>sessionAttributeNameFilter</strong> or > + <strong>sessionAttributeValueClassNameFilter</strong> blocks an > + attribute, should this be logged at <code>WARN</code> level? If > + <code>WARN</code> level logging is disabled then it will be > logged at > + <code>DEBUG</code>. The default value of this attribute is > + <code>false</code>.</p> > </attribute> > </attributes> > > > I think. Since the cluster manager is cloned from a template, we must implement the process of setting sessionAttributeNameFilter, sessionAttributeValueClassNameFilter and warnOnSessionAttributeFilterFailure in ClusterManagerBase.clone.
I've already committed at r1725405. The attributes of sessionAttributeNameFilter, sessionAttributeValueClassNameFilter and warnOnSessionAttributeFilterFailure are described in the document as each of the attributes of Deltamanager and BackupManager. Is this an intentional distinction? Do these attributes documents in the "Common Attributes" section? > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > -- > Keiichi.Fujino > <[email protected]> <[email protected]>
