Enable logging for specific Spring modules

HTTP Basic authentication in Spring REST web services
December 12, 2012
Error handling in Spring REST web services
December 14, 2012

Configuring log4j logging using Spring framework for various modules is not a big task. But still if you are beginner then you need to know how to configure log4j in Spring framework. Tomcat doesn’t come with log4j support so you need to place log4j jar file in the application classpath and then configure logging in Spring application by following these steps. For any other server like JBoss or WebSphere, there is default logging implementation and you may need to add the log4j jar file as per server specifications.

1) Add Jars: Place log4j and commons logging jar files in the WEB-INF/lib folder of your application. You need to check for compatible version of both jars for your application which usually depends upon JDK, server and Spring version.

2) Configure logger: Place log4j.properties file in the WEB-INF folder of your application.

log4j.rootLogger=DEBUG, stdout

log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d{HH:mm:ss} %5p [%t] (%F:%L) - %m%n

log4j.appender.stdout.org.springframework=DEBUG
log4j.logger.org.springframework.security=DEBUG

You can configure the above log4j.properties file to suit your requirements like adding a rolling file appender. Note that log4j also supports xml version for configuration.

In the above properties file, DEBUG level logging has been enabled for core spring and security modules. You may want to add/remove other modules from this configuration. For example append the following line for Spring AOP logging:

org.springframework.aop

3) Configure deployment descriptor: In web.xml of your application, configure the logging listener by adding the following line:

<listener>
    <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>

4) Restart: If your server is already up then you need to restart it so that changes can take effect.

5)See the logs: When you perform some action in Spring application, following logs could be see on the console:

2012-12-14 09:57:43,839{HH:mm:ss} DEBUG [http-bio-8080-exec-6] (HttpSessionSecurityContextRepositor
y.java:139) – HttpSession returned null object for SPRING_SECURITY_CONTEXT
2012-12-14 09:57:43,839{HH:mm:ss} DEBUG [http-bio-8080-exec-6] (HttpSessionSecurityContextRepositor
y.java:85) – No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@15e
de11. A new one will be created.
2012-12-14 09:57:43,839{HH:mm:ss} DEBUG [http-bio-8080-exec-6] (FilterChainProxy.java:318)
– /getEmp.do/10 at position 2 of 11 in additional filter chain; firing Filter: ‘LogoutFilter’
2012-12-14 09:57:43,839{HH:mm:ss} DEBUG [http-bio-8080-exec-6] (FilterChainProxy.java:318)
– /getEmp.do/10 at position 3 of 11 in additional filter chain; firing Filter: ‘UsernamePasswordAuthenticationFilter’
2012-12-14 09:57:43,839{HH:mm:ss} DEBUG [http-bio-8080-exec-6] (FilterChainProxy.java:318)
– /getEmp.do/10 at position 4 of 11 in additional filter chain; firing Filter: ‘OpenIDAuthenticationFilter’
2012-12-14 09:57:43,839{HH:mm:ss} DEBUG [http-bio-8080-exec-6] (FilterChainProxy.java:318)
– /getEmp.do/10 at position 5 of 11 in additional filter chain; firing Filter: ‘BasicAuthenticationFilter’
2012-12-14 09:57:43,839{HH:mm:ss} DEBUG [http-bio-8080-exec-6] (FilterChainProxy.java:318)
– /getEmp.do/10 at position 6 of 11 in additional filter chain; firing Filter: ‘RequestCacheAwareFilter’
2012-12-14 09:57:43,840{HH:mm:ss} DEBUG [http-bio-8080-exec-6] (DefaultSavedRequest.java:309&#4
1; – pathInfo: both null (property equals)
2012-12-14 09:57:43,840{HH:mm:ss} DEBUG [http-bio-8080-exec-6] (DefaultSavedRequest.java:309&#4
1; – queryString: both null (property equals)

Bonus Tip: You can also create user specific log files so that the events are logged in users are written to specific files. This can be done by writing a handler interceptor and writing appropriate logs. For more advanced and automated logging and tracking, use a analytics library for web applications.