Added separate logging for each subsystem.

The links to SLF4J libraries have been moved into each subsystem
to allow separate logging. A new logging.properties files has been
added to each subsystem as well.

The pki.policy has been modified to allow Tomcat JULI to read the
logging.properties and write log files for each subsystem.

https://pagure.io/dogtagpki/issue/195

Change-Id: I6c8b6e6744408e21d620ca1983b2be18c353de73

base/ca/CMakeLists.txt

@@ -12,6 +12,8 @@ add_custom_target(pki-ca-lib ALL)
 add_custom_command(
     TARGET pki-ca-lib
     COMMAND ${CMAKE_COMMAND} -E make_directory webapp/lib
+    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_API_JAR} webapp/lib/slf4j-api.jar
+    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_JDK14_JAR} webapp/lib/slf4j-jdk14.jar
     COMMAND ln -sf /usr/share/java/pki/pki-nsutil.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-nsutil.jar
     COMMAND ln -sf /usr/share/java/pki/pki-cmsutil.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-cmsutil.jar
     COMMAND ln -sf /usr/share/java/pki/pki-certsrv.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-certsrv.jar

base/ca/shared/webapps/ca/WEB-INF/classes/logging.properties

@@ -0,0 +1,34 @@
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2018 Red Hat, Inc.
+# All rights reserved.
+# Modifications: configuration parameters
+# --- END COPYRIGHT BLOCK ---
+
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+handlers = org.apache.juli.FileHandler
+
+org.apache.juli.FileHandler.directory = ${catalina.base}/logs/${classloader.webappName}
+org.apache.juli.FileHandler.prefix = debug.
+org.apache.juli.FileHandler.maxDays = 7
+org.apache.juli.FileHandler.formatter = org.dogtagpki.tomcat.PKIFormatter
+
+.level = WARNING
+.handler = org.apache.juli.FileHandler
+
+org.dogtagpki.level = WARNING
+com.netscape.level = WARNING
+netscape.level = WARNING

base/kra/CMakeLists.txt

@@ -12,6 +12,8 @@ add_custom_target(pki-kra-lib ALL)
 add_custom_command(
     TARGET pki-kra-lib
     COMMAND ${CMAKE_COMMAND} -E make_directory webapp/lib
+    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_API_JAR} webapp/lib/slf4j-api.jar
+    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_JDK14_JAR} webapp/lib/slf4j-jdk14.jar
     COMMAND ln -sf /usr/share/java/pki/pki-nsutil.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-nsutil.jar
     COMMAND ln -sf /usr/share/java/pki/pki-cmsutil.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-cmsutil.jar
     COMMAND ln -sf /usr/share/java/pki/pki-certsrv.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-certsrv.jar

base/kra/shared/webapps/kra/WEB-INF/classes/logging.properties

@@ -0,0 +1,34 @@
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2018 Red Hat, Inc.
+# All rights reserved.
+# Modifications: configuration parameters
+# --- END COPYRIGHT BLOCK ---
+
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+handlers = org.apache.juli.FileHandler
+
+org.apache.juli.FileHandler.directory = ${catalina.base}/logs/${classloader.webappName}
+org.apache.juli.FileHandler.prefix = debug.
+org.apache.juli.FileHandler.maxDays = 7
+org.apache.juli.FileHandler.formatter = org.dogtagpki.tomcat.PKIFormatter
+
+.level = WARNING
+.handler = org.apache.juli.FileHandler
+
+org.dogtagpki.level = WARNING
+com.netscape.level = WARNING
+netscape.level = WARNING

base/ocsp/CMakeLists.txt

@@ -12,6 +12,8 @@ add_custom_target(pki-ocsp-lib ALL)
 add_custom_command(
     TARGET pki-ocsp-lib
     COMMAND ${CMAKE_COMMAND} -E make_directory webapp/lib
+    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_API_JAR} webapp/lib/slf4j-api.jar
+    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_JDK14_JAR} webapp/lib/slf4j-jdk14.jar
     COMMAND ln -sf /usr/share/java/pki/pki-nsutil.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-nsutil.jar
     COMMAND ln -sf /usr/share/java/pki/pki-cmsutil.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-cmsutil.jar
     COMMAND ln -sf /usr/share/java/pki/pki-certsrv.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-certsrv.jar

base/ocsp/shared/webapps/ocsp/WEB-INF/classes/logging.properties

@@ -0,0 +1,34 @@
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2018 Red Hat, Inc.
+# All rights reserved.
+# Modifications: configuration parameters
+# --- END COPYRIGHT BLOCK ---
+
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+handlers = org.apache.juli.FileHandler
+
+org.apache.juli.FileHandler.directory = ${catalina.base}/logs/${classloader.webappName}
+org.apache.juli.FileHandler.prefix = debug.
+org.apache.juli.FileHandler.maxDays = 7
+org.apache.juli.FileHandler.formatter = org.dogtagpki.tomcat.PKIFormatter
+
+.level = WARNING
+.handler = org.apache.juli.FileHandler
+
+org.dogtagpki.level = WARNING
+com.netscape.level = WARNING
+netscape.level = WARNING

base/server/CMakeLists.txt

@@ -139,8 +139,6 @@ add_custom_command(
     COMMAND ${CMAKE_COMMAND} -E create_symlink ${RESTEASY_LIB}/jaxrs-api.jar common/lib/resteasy-jaxrs-api.jar
     COMMAND ${CMAKE_COMMAND} -E create_symlink ${RESTEASY_LIB}/resteasy-jaxrs.jar common/lib/resteasy-jaxrs.jar
     COMMAND ${CMAKE_COMMAND} -E create_symlink /usr/share/java/scannotation.jar common/lib/scannotation.jar
-    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_API_JAR} common/lib/slf4j-api.jar
-    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_JDK14_JAR} common/lib/slf4j-jdk14.jar
     COMMAND ln -sf /usr/lib/java/symkey.jar ${CMAKE_CURRENT_BINARY_DIR}/common/lib/symkey.jar
     COMMAND ${CMAKE_COMMAND} -E create_symlink /usr/share/java/tomcatjss.jar common/lib/tomcatjss.jar
     COMMAND ${CMAKE_COMMAND} -E create_symlink /usr/share/java/velocity.jar common/lib/velocity.jar
@@ -156,6 +154,8 @@ add_custom_target(pki-server-webapp-lib ALL)
 add_custom_command(
     TARGET pki-server-webapp-lib
     COMMAND ${CMAKE_COMMAND} -E make_directory webapp/lib
+    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_API_JAR} webapp/lib/slf4j-api.jar
+    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_JDK14_JAR} webapp/lib/slf4j-jdk14.jar
     COMMAND ln -sf /usr/share/java/pki/pki-nsutil.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-nsutil.jar
     COMMAND ln -sf /usr/share/java/pki/pki-cmsutil.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-cmsutil.jar
     COMMAND ln -sf /usr/share/java/pki/pki-certsrv.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-certsrv.jar

base/server/share/conf/logging.properties

@@ -44,6 +44,7 @@ handlers = 1catalina.org.apache.juli.FileHandler, 2localhost.org.apache.juli.Fil
 
 java.util.logging.ConsoleHandler.level = ALL
 java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
+
 java.util.logging.SimpleFormatter.format = %4$s: %5$s%6$s%n
 
 ############################################################
@@ -63,9 +64,6 @@ org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].handler
 org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].level = INFO
 org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].handlers = 4host-manager.org.apache.juli.FileHandler
 
-# For example, set the org.apache.catalina.util.LifecycleBase logger to log
-# each component that extends LifecycleBase changing state:
-#org.apache.catalina.util.LifecycleBase.level = FINE
-
-# To see debug messages in TldLocationsCache, uncomment the following line:
-#org.apache.jasper.compiler.TldLocationsCache.level = FINE
+org.dogtagpki.level = WARNING
+com.netscape.level = WARNING
+netscape.level = WARNING

base/server/share/conf/pki.policy

@@ -12,6 +12,22 @@
 
 grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.util.logging.resources";
+
+        // Allow Tomcat JULI to read subsystem logging configuration.
+        permission java.io.FilePermission "/usr/share/pki/server/webapps/pki/WEB-INF/classes/logging.properties", "read";
+        permission java.io.FilePermission "/usr/share/pki/ca/webapps/ca/WEB-INF/classes/logging.properties", "read";
+        permission java.io.FilePermission "/usr/share/pki/kra/webapps/kra/WEB-INF/classes/logging.properties", "read";
+        permission java.io.FilePermission "/usr/share/pki/ocsp/webapps/ocsp/WEB-INF/classes/logging.properties", "read";
+        permission java.io.FilePermission "/usr/share/pki/tks/webapps/tks/WEB-INF/classes/logging.properties", "read";
+        permission java.io.FilePermission "/usr/share/pki/tps/webapps/tps/WEB-INF/classes/logging.properties", "read";
+
+        // Allow Tomcat JULI to generate subsystem log files.
+        permission java.io.FilePermission "${catalina.base}/logs/pki/-", "read,write";
+        permission java.io.FilePermission "${catalina.base}/logs/ca/-", "read,write";
+        permission java.io.FilePermission "${catalina.base}/logs/kra/-", "read,write";
+        permission java.io.FilePermission "${catalina.base}/logs/ocsp/-", "read,write";
+        permission java.io.FilePermission "${catalina.base}/logs/tks/-", "read,write";
+        permission java.io.FilePermission "${catalina.base}/logs/tps/-", "read,write";
 };
 
 grant codeBase "file:${catalina.base}/bin/bootstrap.jar" {

base/server/share/webapps/pki/WEB-INF/classes/logging.properties

@@ -0,0 +1,34 @@
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2018 Red Hat, Inc.
+# All rights reserved.
+# Modifications: configuration parameters
+# --- END COPYRIGHT BLOCK ---
+
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+handlers = org.apache.juli.FileHandler
+
+org.apache.juli.FileHandler.directory = ${catalina.base}/logs/${classloader.webappName}
+org.apache.juli.FileHandler.prefix = debug.
+org.apache.juli.FileHandler.maxDays = 7
+org.apache.juli.FileHandler.formatter = org.dogtagpki.tomcat.PKIFormatter
+
+.level = WARNING
+.handler = org.apache.juli.FileHandler
+
+org.dogtagpki.level = WARNING
+com.netscape.level = WARNING
+netscape.level = WARNING

base/server/tomcat/src/org/dogtagpki/tomcat/PKIFormatter.java

@@ -0,0 +1,49 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2018 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package org.dogtagpki.tomcat;
+
+import java.util.Date;
+import java.util.logging.Formatter;
+import java.util.logging.Level;
+import java.util.logging.LogRecord;
+
+public class PKIFormatter extends Formatter {
+
+    public String format(LogRecord record) {
+
+        // 2018-02-23 10:18:51 [main] INFO: Log message
+
+        return String.format(
+                "%1$tF %1$tT [%2$s] %3$s: %4$s%n",
+                new Date(record.getMillis()),
+                Thread.currentThread().getName(),
+                record.getLevel(),
+                formatMessage(record));
+    }
+
+    public static void main(String[] args) {
+
+        PKIFormatter formatter = new PKIFormatter();
+
+        LogRecord record = new LogRecord(Level.INFO, "Log message");
+        record.setSourceClassName(PKIFormatter.class.getName());
+
+        System.out.println(formatter.format(record));
+    }
+}

base/tks/CMakeLists.txt

@@ -12,6 +12,8 @@ add_custom_target(pki-tks-lib ALL)
 add_custom_command(
     TARGET pki-tks-lib
     COMMAND ${CMAKE_COMMAND} -E make_directory webapp/lib
+    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_API_JAR} webapp/lib/slf4j-api.jar
+    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_JDK14_JAR} webapp/lib/slf4j-jdk14.jar
     COMMAND ln -sf /usr/share/java/pki/pki-nsutil.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-nsutil.jar
     COMMAND ln -sf /usr/share/java/pki/pki-cmsutil.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-cmsutil.jar
     COMMAND ln -sf /usr/share/java/pki/pki-certsrv.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-certsrv.jar

base/tks/shared/webapps/tks/WEB-INF/classes/logging.properties

@@ -0,0 +1,34 @@
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2018 Red Hat, Inc.
+# All rights reserved.
+# Modifications: configuration parameters
+# --- END COPYRIGHT BLOCK ---
+
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+handlers = org.apache.juli.FileHandler
+
+org.apache.juli.FileHandler.directory = ${catalina.base}/logs/${classloader.webappName}
+org.apache.juli.FileHandler.prefix = debug.
+org.apache.juli.FileHandler.maxDays = 7
+org.apache.juli.FileHandler.formatter = org.dogtagpki.tomcat.PKIFormatter
+
+.level = WARNING
+.handler = org.apache.juli.FileHandler
+
+org.dogtagpki.level = WARNING
+com.netscape.level = WARNING
+netscape.level = WARNING

base/tps/CMakeLists.txt

@@ -14,6 +14,8 @@ add_custom_target(pki-tps-lib ALL)
 add_custom_command(
     TARGET pki-tps-lib
     COMMAND ${CMAKE_COMMAND} -E make_directory webapp/lib
+    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_API_JAR} webapp/lib/slf4j-api.jar
+    COMMAND ${CMAKE_COMMAND} -E create_symlink ${SLF4J_JDK14_JAR} webapp/lib/slf4j-jdk14.jar
     COMMAND ln -sf /usr/share/java/pki/pki-nsutil.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-nsutil.jar
     COMMAND ln -sf /usr/share/java/pki/pki-cmsutil.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-cmsutil.jar
     COMMAND ln -sf /usr/share/java/pki/pki-certsrv.jar ${CMAKE_CURRENT_BINARY_DIR}/webapp/lib/pki-certsrv.jar

base/tps/shared/webapps/tps/WEB-INF/classes/logging.properties

@@ -0,0 +1,34 @@
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2018 Red Hat, Inc.
+# All rights reserved.
+# Modifications: configuration parameters
+# --- END COPYRIGHT BLOCK ---
+
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+handlers = org.apache.juli.FileHandler
+
+org.apache.juli.FileHandler.directory = ${catalina.base}/logs/${classloader.webappName}
+org.apache.juli.FileHandler.prefix = debug.
+org.apache.juli.FileHandler.maxDays = 7
+org.apache.juli.FileHandler.formatter = org.dogtagpki.tomcat.PKIFormatter
+
+.level = WARNING
+.handler = org.apache.juli.FileHandler
+
+org.dogtagpki.level = WARNING
+com.netscape.level = WARNING
+netscape.level = WARNING