Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
None
-
17
-
Description
Suggestion Details
When not authorised users try to access resources in Confluence that interacts with WebDav (Edit in Office, for example), Confluence will throw errors in the logs. Some of them can be suppressed by adjusting Log4J logging levels but some are non-parsed exceptions that are captured at code level but untreated by Log4J. Those can't be suppressed. If discovered that the errors are caused by an expected scenario, one wouldn't be able to fully suppress them from logs.
Cause
If the Edit In Office session is inactive, the session will timeout after 10 minutes (regardless of session timeout set in web.xml) and will results in similar error messages.
Log Examples
2019-10-19 15:38:37,297 ERROR [http-nio-8090-exec-86 url:/plugins/servle...8b7c-73a6daf1thb6/] [extra.webdav.servlet.ConfluenceWebdavServlet] service Unexpected error -- url: /plugins/servlet/confluence/editinword/395745421/attachments/ocauth/83348372-8b7c-73a6-thb6-73a6daf1thb6/ | traceId: 3gb5858faabb1a68 | userName: anonymous org.apache.jackrabbit.webdav.DavException at com.atlassian.confluence.extra.webdav.ConfluenceDavSessionProviderImpl.getConfluenceDavSession(ConfluenceDavSessionProviderImpl.java:123) at com.atlassian.confluence.extra.webdav.ConfluenceDavSessionProviderImpl.attachSession(ConfluenceDavSessionProviderImpl.java:192) at com.atlassian.confluence.extra.webdav.servlet.ConfluenceWebdavServlet.service(ConfluenceWebdavServlet.java:103) at javax.servlet.http.HttpServlet.service(HttpServlet.java:741) .... Caused by: java.io.IOException: Malformed Authorization header: Bearer
2019-11-06 21:52:20,179 INFO [http-nio-8090-exec-585 url:/plugins/servle...8b7c-73a6daf1thb6/ url:/500page.jsp] [atlassian.confluence.status.SystemErrorInformationLogger] writeToLog Request Unique ID : 83348372-8b7c-73a6-thb6-73a6daf1thb6 -------------------------- JVM Stats -------------------------- ...... -------------------------- Attributes -------------------------- javax.servlet.forward.request_uri: /plugins/servlet/confluence/editinword/395745421/attachments/ocauth/83348372-8b7c-73a6-thb6-73a6daf1thb6/ javax.servlet.forward.context_path: javax.servlet.forward.servlet_path: /plugins/servlet javax.servlet.forward.path_info: /plugins/servlet/confluence/editinword/395745421/attachments/ocauth/83348372-8b7c-73a6-thb6-73a6daf1thb6/
2020-06-08 15:00:22,293 ERROR [http-nio-6740-exec-2] [confluence.extra.webdav.ConfluenceDavSessionProviderImpl] getConfluenceDavSession Unable to get user name and/or password from the Authenticate header. -- url: /c740/plugins/servlet/confluence/editinword/1605636/attachments/ocauth/d787bc36-2153-4406-a4e2-de368c2139f1/test.docx | traceId: bdce73b3286fb587 | userName: anonymous java.io.IOException: Malformed Authorization header: Bearer at com.atlassian.confluence.extra.webdav.ConfluenceDavSessionProviderImpl.getCredentialTokens(ConfluenceDavSessionProviderImpl.java:60)
Existing Partial Workaround
One can suppress the first error message by setting the class below as FATAL on Logging and Properties, given it is the one generating such logging:
com.atlassian.confluence.extra.webdav
Missing Workaround
The second error message is thrown at the following class/line:
com.atlassian.confluence.extra.webdav.ConfluenceDavSessionProviderImpl.getConfluenceDavSession(ConfluenceDavSessionProviderImpl.java:123)
} catch (IOException ioe) { log.error("Unable to get user name and/or password from the Authenticate header.", ioe); throw new DavException(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, ioe); }
Whichever class catching the exception doesn't treat it accordingly to output Log4J logging, therefore, the exception is just dumped into the logs in a raw way.
Suggestion
To parse the SC_INTERNAL_SERVER_ERROR accordingly so one could suppress it from being logged.