Uploaded image for project: 'Confluence Server and Data Center'
  1. Confluence Server and Data Center
  2. CONFSERVER-59105

Enhance Confluence WebDAV Plugin Logging Capabilities

    XMLWordPrintable

    Details

    • UIS:
      30
    • Feedback Policy:
      We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Description

      Suggestion Details

      When not authorised users try to access resources in Confluence that interacts with WebDav (Edit in Office, for example), Confluence will throw errors in the logs. Some of them can be suppressed by adjusting Log4J logging levels but some are non-parsed exceptions that are captured at code level but untreated by Log4J. Those can't be suppressed. If discovered that the errors are caused by an expected scenario, one wouldn't be able to fully suppress them from logs.

      Cause

      If the Edit In Office session is inactive, the session will timeout after 10 minutes and will results in similar error messages.

      Log Examples

      Error Log 1
      2019-10-19 15:38:37,297 ERROR [http-nio-8090-exec-86 url:/plugins/servle...8b7c-73a6daf1thb6/] [extra.webdav.servlet.ConfluenceWebdavServlet] service Unexpected error
       -- url: /plugins/servlet/confluence/editinword/395745421/attachments/ocauth/83348372-8b7c-73a6-thb6-73a6daf1thb6/ | traceId: 3gb5858faabb1a68 | userName: anonymous
      org.apache.jackrabbit.webdav.DavException
      	at com.atlassian.confluence.extra.webdav.ConfluenceDavSessionProviderImpl.getConfluenceDavSession(ConfluenceDavSessionProviderImpl.java:123)
      	at com.atlassian.confluence.extra.webdav.ConfluenceDavSessionProviderImpl.attachSession(ConfluenceDavSessionProviderImpl.java:192)
      	at com.atlassian.confluence.extra.webdav.servlet.ConfluenceWebdavServlet.service(ConfluenceWebdavServlet.java:103)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
      ....
      Caused by: java.io.IOException: Malformed Authorization header: Bearer
      
      Error Log 2
      2019-11-06 21:52:20,179 INFO [http-nio-8090-exec-585 url:/plugins/servle...8b7c-73a6daf1thb6/ url:/500page.jsp] [atlassian.confluence.status.SystemErrorInformationLogger] writeToLog 
      Request Unique ID : 83348372-8b7c-73a6-thb6-73a6daf1thb6
      --------------------------
      JVM Stats
      --------------------------
      ......
      --------------------------
      Attributes
      --------------------------
      javax.servlet.forward.request_uri: /plugins/servlet/confluence/editinword/395745421/attachments/ocauth/83348372-8b7c-73a6-thb6-73a6daf1thb6/
      javax.servlet.forward.context_path: 
      javax.servlet.forward.servlet_path: /plugins/servlet
      javax.servlet.forward.path_info: /plugins/servlet/confluence/editinword/395745421/attachments/ocauth/83348372-8b7c-73a6-thb6-73a6daf1thb6/
      
      Error Log 3
      2020-06-08 15:00:22,293 ERROR [http-nio-6740-exec-2] [confluence.extra.webdav.ConfluenceDavSessionProviderImpl] getConfluenceDavSession Unable to get user name and/or password from the Authenticate header.
       -- url: /c740/plugins/servlet/confluence/editinword/1605636/attachments/ocauth/d787bc36-2153-4406-a4e2-de368c2139f1/test.docx | traceId: bdce73b3286fb587 | userName: anonymous
      java.io.IOException: Malformed Authorization header: Bearer
      	at com.atlassian.confluence.extra.webdav.ConfluenceDavSessionProviderImpl.getCredentialTokens(ConfluenceDavSessionProviderImpl.java:60)
      

      Existing Partial Workaround

      One can suppress the first error message by setting the class below as FATAL on Logging and Properties, given it is the one generating such logging:

      com.atlassian.confluence.extra.webdav
      

      Missing Workaround

      The second error message is thrown at the following class/line:

      com.atlassian.confluence.extra.webdav.ConfluenceDavSessionProviderImpl.getConfluenceDavSession(ConfluenceDavSessionProviderImpl.java:123)
      
      } catch (IOException ioe) {
                              log.error("Unable to get user name and/or password from the Authenticate header.", ioe);
                              throw new DavException(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, ioe);
                          }
      

      Whichever class catching the exception doesn't treat it accordingly to output Log4J logging, therefore, the exception is just dumped into the logs in a raw way.

      Suggestion

      To parse the SC_INTERNAL_SERVER_ERROR accordingly so one could suppress it from being logged.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            mhorlle Marcelo Horlle
            Votes:
            10 Vote for this issue
            Watchers:
            17 Start watching this issue

              Dates

              Created:
              Updated: