diff --git a/backend/pom.xml b/backend/pom.xml
index 168b29c..a6f80fb 100644
--- a/backend/pom.xml
+++ b/backend/pom.xml
@@ -5,7 +5,7 @@
ru.micord.ervu.lkrp
fl
- 1.10.0
+ 1.11.3
ru.micord.ervu.lkrp.fl
backend
diff --git a/backend/src/main/java/ru/micord/ervu/audit/service/impl/BaseAuditService.java b/backend/src/main/java/ru/micord/ervu/audit/service/impl/BaseAuditService.java
index 94520ee..3810f35 100644
--- a/backend/src/main/java/ru/micord/ervu/audit/service/impl/BaseAuditService.java
+++ b/backend/src/main/java/ru/micord/ervu/audit/service/impl/BaseAuditService.java
@@ -4,6 +4,8 @@ import javax.servlet.http.HttpServletRequest;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Conditional;
import org.springframework.stereotype.Service;
@@ -26,6 +28,9 @@ import ru.micord.ervu.util.NetworkUtils;
@Service
@Conditional(AuditEnabledCondition.class)
public class BaseAuditService implements AuditService {
+ private static final Logger LOGGER = LoggerFactory.getLogger(BaseAuditService.class);
+
+
private final AuditKafkaPublisher auditPublisher;
private final JwtTokenService jwtTokenService;
private final ObjectMapper objectMapper;
@@ -64,10 +69,20 @@ public class BaseAuditService implements AuditService {
@Override
public void processAuthEvent(HttpServletRequest request, PersonModel personModel, String status,
String eventType) {
+ long startTime = System.currentTimeMillis();
String serverIp = NetworkUtils.getServerIp();
+ LOGGER.info("Thread {} - server ip {} got in {} ms", Thread.currentThread().getId(), serverIp,
+ System.currentTimeMillis() - startTime);
+
+ startTime = System.currentTimeMillis();
String clientIp = NetworkUtils.getClientIp(request);
+ LOGGER.info("Thread {} - client ip {} got in {} ms", Thread.currentThread().getId(), clientIp,
+ System.currentTimeMillis() - startTime);
+
+ startTime = System.currentTimeMillis();
String serverHostName = NetworkUtils.getHostName(serverIp);
- String clientHostName = NetworkUtils.getHostName(clientIp);
+ LOGGER.info("Thread {} - server host name {} got in {} ms", Thread.currentThread().getId(), serverHostName,
+ System.currentTimeMillis() - startTime);
AuditAuthorizationEvent event = new AuditAuthorizationEvent(
personModel.getPrnsId(),
@@ -81,10 +96,12 @@ public class BaseAuditService implements AuditService {
serverIp,
serverHostName,
clientIp,
- clientHostName
+ clientIp
);
String message = convertToMessage(event);
auditPublisher.publishEvent(authorizationTopic, message);
+ LOGGER.info("Thread {} - event published in {} ms", Thread.currentThread().getId(),
+ System.currentTimeMillis() - startTime);
}
@Override
diff --git a/backend/src/main/java/ru/micord/ervu/kafka/service/impl/BaseReplyingKafkaService.java b/backend/src/main/java/ru/micord/ervu/kafka/service/impl/BaseReplyingKafkaService.java
index 96aacea..190ded5 100644
--- a/backend/src/main/java/ru/micord/ervu/kafka/service/impl/BaseReplyingKafkaService.java
+++ b/backend/src/main/java/ru/micord/ervu/kafka/service/impl/BaseReplyingKafkaService.java
@@ -29,13 +29,13 @@ public abstract class BaseReplyingKafkaService implements ReplyingKafkaSer
try {
ConsumerRecord result = Optional.ofNullable(replyFuture.get())
.orElseThrow(() -> new KafkaMessageException("Kafka return result is null"));
- LOGGER.info("Thread {} - KafkaSendMessageAndGetReply: {} ms",
- Thread.currentThread().getId(), System.currentTimeMillis() - startTime);
+ LOGGER.info("Thread {} - KafkaSendMessageAndGetReply: {} ms, replyTopic: {}",
+ Thread.currentThread().getId(), System.currentTimeMillis() - startTime, replyTopic);
return result;
}
catch (InterruptedException | ExecutionException e) {
- LOGGER.error("Thread {} - KafkaSendMessageAndGetReply: {} ms",
- Thread.currentThread().getId(), System.currentTimeMillis() - startTime);
+ LOGGER.error("Thread {} - KafkaSendMessageAndGetReply: {} ms, replyTopic: {}",
+ Thread.currentThread().getId(), System.currentTimeMillis() - startTime, replyTopic);
throw new KafkaMessageReplyTimeoutException(e);
}
}
diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/controller/EsiaController.java b/backend/src/main/java/ru/micord/ervu/security/esia/controller/EsiaController.java
index c10fec8..652c545 100644
--- a/backend/src/main/java/ru/micord/ervu/security/esia/controller/EsiaController.java
+++ b/backend/src/main/java/ru/micord/ervu/security/esia/controller/EsiaController.java
@@ -71,6 +71,7 @@ public class EsiaController {
public String getUserFullname(HttpServletRequest request) {
String accessToken = jwtTokenService.getAccessToken(request);
PersonModel personModel = personalDataService.getPersonModel(accessToken);
- return personModel.getLastName() + " " + personModel.getFirstName().charAt(0) + ". " + personModel.getMiddleName().charAt(0) + ".";
+ String middleName = personModel.getMiddleName() != null ? personModel.getMiddleName().charAt(0) + "." : "";
+ return personModel.getLastName() + " " + personModel.getFirstName().charAt(0) + ". " + middleName;
}
}
diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
index 65fc895..9c62b0d 100644
--- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
+++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
@@ -183,11 +183,15 @@ public class EsiaAuthService {
}
public void authEsiaTokensByCode(String esiaAuthCode, String state, HttpServletResponse response, HttpServletRequest request) {
+ long startReqTime = System.currentTimeMillis();
+ long startSubReqTime = startReqTime;
String esiaAccessTokenStr = null;
String prnOid = null;
Long expiresIn = null;
long signSecret = 0, requestAccessToken = 0, verifySecret = 0;
verifyStateFromCookie(request, state, response);
+ LOGGER.info("Thread {} - Verify state from cookie: {} ms", Thread.currentThread().getId(), System.currentTimeMillis() - startSubReqTime);
+
try {
String clientId = esiaConfig.getClientId();
DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx");
@@ -203,9 +207,9 @@ public class EsiaAuthService {
parameters.put("state", "%s");
parameters.put("redirect_uri", redirectUrl);
parameters.put("code", esiaAuthCode);
- long startTime = System.currentTimeMillis();
+ startSubReqTime = System.currentTimeMillis();
SignResponse signResponse = signMap(parameters);
- signSecret = System.currentTimeMillis() - startTime;
+ signSecret = System.currentTimeMillis() - startSubReqTime;
String newState = signResponse.getState();
String clientSecret = signResponse.getSignature();
String authUrl = esiaConfig.getEsiaBaseUri() + esiaConfig.getEsiaTokenUrl();
@@ -221,7 +225,7 @@ public class EsiaAuthService {
.setParameter("token_type", "Bearer")
.setParameter("client_certificate_hash", esiaConfig.getClientCertHash())
.toFormUrlencodedString();
- startTime = System.currentTimeMillis();
+ startSubReqTime = System.currentTimeMillis();
HttpRequest postReq = HttpRequest.newBuilder(URI.create(authUrl))
.header(HttpHeaders.CONTENT_TYPE, "application/x-www-form-urlencoded")
.POST(HttpRequest.BodyPublishers.ofString(postBody))
@@ -231,7 +235,7 @@ public class EsiaAuthService {
.connectTimeout(Duration.ofSeconds(esiaConfig.getConnectionTimeout()))
.build()
.send(postReq, HttpResponse.BodyHandlers.ofString());
- requestAccessToken = System.currentTimeMillis() - startTime;
+ requestAccessToken = System.currentTimeMillis() - startSubReqTime;
String responseString = postResp.body();
EsiaTokenResponse tokenResponse = objectMapper.readValue(responseString,
EsiaTokenResponse.class
@@ -246,9 +250,9 @@ public class EsiaAuthService {
throw new EsiaException("Token invalid. State from request not equals with state from response.");
}
esiaAccessTokenStr = tokenResponse.getAccessToken();
- startTime = System.currentTimeMillis();
+ startSubReqTime = System.currentTimeMillis();
String verifyResult = verifyToken(esiaAccessTokenStr);
- verifySecret = System.currentTimeMillis() - startTime;
+ verifySecret = System.currentTimeMillis() - startSubReqTime;
if (verifyResult != null) {
throw new EsiaException(verifyResult);
}
@@ -282,11 +286,17 @@ public class EsiaAuthService {
}
finally {
if (personModel != null) {
+ startSubReqTime = System.currentTimeMillis();
auditService.processAuthEvent(
request, personModel, status, AuditConstants.LOGIN_EVENT_TYPE
);
+ LOGGER.info("Thread {} - Process auth event: {} ms", Thread.currentThread().getId(), System.currentTimeMillis() - startSubReqTime);
}
+ startSubReqTime = System.currentTimeMillis();
createTokenAndAddCookie(response, prnOid, ervuId, expiresIn);
+ LOGGER.info("Thread {} - Creating token and add cookie: {} ms", Thread.currentThread().getId(), System.currentTimeMillis() - startSubReqTime);
+
+ LOGGER.info("Thread {} - Request time: {} ms", Thread.currentThread().getId(), System.currentTimeMillis() - startReqTime);
}
}
diff --git a/config/Dockerfile.backend b/config/Dockerfile.backend
index c823625..eab55b5 100644
--- a/config/Dockerfile.backend
+++ b/config/Dockerfile.backend
@@ -6,7 +6,8 @@ FROM $BUILDER_IMAGE AS builder
ARG MVN_FLAGS="-Pprod"
RUN apt-get update \
- && apt-get -y install git glibc-locales java-17-openjdk-devel maven node \
+ && apt-get -y install git glibc-locales java-17-openjdk-devel maven node curl \
+ && curl --location --insecure https://github.com/prometheus/jmx_exporter/releases/download/1.3.0/jmx_prometheus_javaagent-1.3.0.jar -o jmx_prometheus_javaagent.jar \
&& apt-get clean
ENV JAVA_HOME=/usr/lib/jvm/java
@@ -22,7 +23,6 @@ RUN mkdir -p $HOME/.m2 \
&& mvn clean \
&& mvn package -T4C ${MVN_FLAGS}
-
FROM $RUNTIME_IMAGE
ARG ADMIN_PASSWORD=Secr3t
@@ -30,11 +30,16 @@ USER root
COPY config/tomcat /
+ENV CATALINA_OPTS="-javaagent:/opt/jmx_exporter/jmx_prometheus_javaagent.jar=8081:/opt/jmx_exporter/config.yaml"
+
RUN cat /etc/tomcat/webbpm.properties >> /etc/tomcat/catalina.properties \
&& sed -i -r "s//$ADMIN_PASSWORD/g" /etc/tomcat/tomcat-users.xml \
&& chown root:tomcat /var/lib/tomcat/webapps \
&& chmod g+rw /var/lib/tomcat/webapps
+COPY --from=builder jmx_prometheus_javaagent.jar /opt/jmx_exporter/jmx_prometheus_javaagent.jar
+COPY config/jmx_exporter.yaml /opt/jmx_exporter/config.yaml
+
USER tomcat
COPY --from=builder /app/backend/target/fl*.war /var/lib/tomcat/webapps/fl.war
diff --git a/config/jmx_exporter.yaml b/config/jmx_exporter.yaml
new file mode 100644
index 0000000..1dec7af
--- /dev/null
+++ b/config/jmx_exporter.yaml
@@ -0,0 +1,39 @@
+lowercaseOutputLabelNames: true
+lowercaseOutputName: true
+whitelistObjectNames: ["java.lang:type=OperatingSystem", "Catalina:*"]
+blacklistObjectNames: []
+rules:
+ - pattern: 'Catalina<>serverInfo: (.+)'
+ name: tomcat_serverinfo
+ value: 1
+ labels:
+ serverInfo: "$1"
+ type: COUNTER
+ - pattern: 'Catalina<>(\w+):'
+ name: tomcat_$3_total
+ labels:
+ port: "$2"
+ protocol: "$1"
+ help: Tomcat global $3
+ type: COUNTER
+ - pattern: 'Catalina<>(requestCount|processingTime|errorCount):'
+ name: tomcat_servlet_$3_total
+ labels:
+ module: "$1"
+ servlet: "$2"
+ help: Tomcat servlet $3 total
+ type: COUNTER
+ - pattern: 'Catalina<>(currentThreadCount|currentThreadsBusy|keepAliveCount|connectionCount|acceptCount|acceptorThreadCount|pollerThreadCount|maxThreads|minSpareThreads):'
+ name: tomcat_threadpool_$3
+ labels:
+ port: "$2"
+ protocol: "$1"
+ help: Tomcat threadpool $3
+ type: GAUGE
+ - pattern: 'Catalina<>(processingTime|sessionCounter|rejectedSessions|expiredSessions):'
+ name: tomcat_session_$3_total
+ labels:
+ context: "$2"
+ host: "$1"
+ help: Tomcat session $3 total
+ type: COUNTER
\ No newline at end of file
diff --git a/distribution/pom.xml b/distribution/pom.xml
index 4ceb178..d18e122 100644
--- a/distribution/pom.xml
+++ b/distribution/pom.xml
@@ -4,7 +4,7 @@
ru.micord.ervu.lkrp
fl
- 1.10.0
+ 1.11.3
ru.micord.ervu.lkrp.fl
diff --git a/frontend/pom.xml b/frontend/pom.xml
index 45fc8cb..89aefd1 100644
--- a/frontend/pom.xml
+++ b/frontend/pom.xml
@@ -4,7 +4,7 @@
ru.micord.ervu.lkrp
fl
- 1.10.0
+ 1.11.3
ru.micord.ervu.lkrp.fl
diff --git a/pom.xml b/pom.xml
index ecd89ee..246dbe2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
4.0.0
ru.micord.ervu.lkrp
fl
- 1.10.0
+ 1.11.3
pom
backend
@@ -262,7 +262,7 @@
org.apache.kafka
kafka-clients
- 3.9.0
+ 3.9.1
snappy-java
diff --git a/resources/pom.xml b/resources/pom.xml
index 1ab996b..041fe39 100644
--- a/resources/pom.xml
+++ b/resources/pom.xml
@@ -4,7 +4,7 @@
ru.micord.ervu.lkrp
fl
- 1.10.0
+ 1.11.3
ru.micord.ervu.lkrp.fl