-
Notifications
You must be signed in to change notification settings - Fork 40.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ability to extend HttpTraceWebFilter (e.g. to include req/resp body) #23907
Comments
The scope of HTTP tracing was deliberately narrowed and locked down in 2.0 so that both the repository that stores the traces and the endpoint that returns them would have predictable data to deal with. Opening up the API as you have suggested will remove the predictability which is something that I don't think we want to do. I'm also not keen on opening things up to record request and response bodies as doing so is generally not recommended as it requires buffering the entire body in memory. This is only my opinion so I'll mark this one for team attention to see what the rest of the team thinks. As we mention in the documentation, if your needs have outgrown the capabilities of the built-in HTTP tracing they may be better served by using something like Zipkin or Spring Cloud Sleuth. |
@wilkinsona thanks for your response.
yes, I had noticed the mention and have investigated this approach, however the requirement to trace http request/response bodies is not supported either brave and zipkin and likely to be even more complex See https://gitter.im/openzipkin/zipkin?at=5ca0156693fb4a7dc2a9e791 march 2019
Brave seems to abstract out the http client and server and hide away the ServerWebExchange, see https://github.com/openzipkin/brave/tree/master/instrumentation/http#span-data-policy
Logging req/resp body in brave would possibly require
I do agree that blindly adding request and response body to the actuator httptracing regardless of served traffic will impact predictability and isn't a desired goal for a general purpose usage. My specific use-case is a reverse proxy based on spring-cloud-gateway, proxifying low traffic and small API requests/responses where inspection of proxied traffic is necessary. The side effect on memory (denial of service or predictability) is also mitigated by abbreviating the recorded bodies and removing them from the exchange attributes (as to favor GC). Maybe there is room to support users in http tracing extensions for such specific use-cases. |
We've discussed this today and the team agreed that we don't want to increase the surface area of the public API to support this use case. Our recommendation is that you maintain your own copy of the current code, modified to suit your specific needs. Thanks anyway for the suggestion. |
thanks for your response and for having considering the suggestion. |
Expected behavior
As a springboot user
Unable to add request/response body to httptrace (actuator) 2.0.1-RELEASE #12953 (comment)
HttpTraceWebFilter
to be able to cleanly inject new behavior without duplicating most of the webfilter in custom code.Current behavior
While a custom implementation of HttpTraceWebFilter can be injected thanks to
spring-boot/spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/trace/http/HttpTraceAutoConfiguration.java
Lines 64 to 73 in a669e1c
it requires the following workarounds:
the custom
HttpTraceWebFilter
class needs to extendHttpTraceWebFilter
the
ServerWebExchangeTraceableRequest
andTraceableServerHttpResponse
objects can't be injected as beans and are instead hard codedthe
ServerWebExchangeTraceableRequest
andTraceableServerHttpResponse
classes are package protected preventing them from being subclassed to enrich their behavior.spring-boot/spring-boot-project/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/web/trace/reactive/ServerWebExchangeTraceableRequest.java
Line 35 in a669e1c
spring-boot/spring-boot-project/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/web/trace/reactive/TraceableServerHttpResponse.java
Line 32 in a669e1c
spring-boot/spring-boot-project/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/web/trace/reactive/HttpTraceWebFilter.java
Lines 85 to 96 in a669e1c
Here is the full resulting duplicated webfilter along with associated spring cloud gateway configuration https://gist.github.com/gberche-orange/06c26477a313df9d19d20a4e115f079f that injects request and response bodies as respectively
request_body
andresponse_body
http headersThe text was updated successfully, but these errors were encountered: