Auditing HttpInvoker invactions
The server, a stand-alone SE application running Spring 2.5.6 and an embedded jetty. Clients, Swing application, connects to the server using HttpInvoker.
There are a lot of services exposed by the server and now, new requirements have emerged saying I need to log (almost) every invocation made by the client.
What I would like to to do is for the client to send some extra information, (username, workstationId etc. Strings and ints). A typical method on the server would look like this
public void doStuff(int someParam) {
// Do stuff
List result = method(someParam)
// Audit
// get the client information from somewhere?!!
String username;
int workstationId;
auditDao.doStuffPerformed(username, workstationId, someParam, result);
}
So, how do I get the client information from within a method on the server.
One solution that I've tried is to add client information as request attributes and call method RequestContextHolder.getRequestAttributes(); from within method.
I have added a CommonsHttpInvokerRequestExecutor on the client side and overloaded the following method in order to add the additional information.
@Override
protected PostMethod createPostMethod(HttpInvokerClientConfiguration config) throws IOException {
PostMethod postMethod = super.createPostMethod(config);
postMethod.addRequestH开发者_Python百科eader("someHeader", "someHeader2");
postMethod.addParameter("someParam", "someParam2");
postMethod.setRequestHeader("someRequestHeader", "someRequestHeader2");
return postMethod;
}
This will however not work. The headers or parameters are not accessible on the server.
Any response would be greatly appreciated.
I think you're on the right track. You should just use a custom SimpleHttpInvokerServiceExporter subclass on the server-side, and override readRemoteInvocation
to extract the headers set by the client from the HttpExchange
argument.
These header values could be stored in a static ThreadLocal
session variable, which would be accessible anywhere in the server-side code.
精彩评论