Question

How to stop SAML20 module excessive logging

0

Hi, My SAML20 module, version 1.13.0 and also 1.11.0, logs a lot that I am not interested in. This is NOT caused by the logging switch in the configuration, that one is switched off. How can I stop this? When the app starts it generates 100-s of such lines, and when a user is authenticated too. That action even dumps XML payloads in the logfile. [Edit] No debug or trace logging enabled, these lines are not created by Mendix Log Message actions or custom Java code. It is generated by jars like opensaml. 2020-02-17T07:31:24.654771 [APP/PROC/WEB/1] 07:31:24.654 [qtp1735890395-6021] DEBUG org.opensaml.ws.message.encoder.BaseMessageEncoder - Successfully encoded message. 2020-02-17T07:31:25.386840 [APP/PROC/WEB/0] 07:31:25.386 [qtp474311562-6240] DEBUG org.opensaml.xml.signature.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2020-02-17T07:31:25.386855 [APP/PROC/WEB/0] 07:31:25.386 [qtp474311562-6240] DEBUG org.opensaml.xml.signature.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2020-02-17T07:31:25.386910 [APP/PROC/WEB/0] 07:31:25.386 [qtp474311562-6240] DEBUG org.opensaml.xml.signature.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2020-02-17T07:31:25.386935 [APP/PROC/WEB/0] 07:31:25.386 [qtp474311562-6240] DEBUG org.opensaml.xml.signature.impl.SignatureUnmarshaller - Adding KeyInfo to Signature 2020-02-17T07:31:25.392338 [APP/PROC/WEB/0] 07:31:25.392 [qtp474311562-6240] DEBUG org.opensaml.security.SAMLSignatureProfileValidator - Saw Enveloped signature transform 2020-02-17T07:31:25.392349 [APP/PROC/WEB/0] 07:31:25.392 [qtp474311562-6240] DEBUG org.opensaml.security.SAMLSignatureProfileValidator - Saw Exclusive C14N signature transform 2020-02-17T07:31:25.392352 [APP/PROC/WEB/0] 07:31:25.392 [qtp474311562-6240] DEBUG org.opensaml.xml.signature.SignatureValidator - Attempting to validate signature using key from supplied credential 2020-02-17T07:31:25.392355 [APP/PROC/WEB/0] 07:31:25.392 [qtp474311562-6240] DEBUG org.opensaml.xml.signature.SignatureValidator - Creating XMLSignature object 2020-02-17T07:31:25.392358 [APP/PROC/WEB/0] 07:31:25.392 [qtp474311562-6240] DEBUG org.opensaml.xml.signature.SignatureValidator - Validating signature with signature algorithm URI: http://www.w3.org/2000/09/xmldsig#rsa-sha1 2020-02-17T07:31:25.392360 [APP/PROC/WEB/0] 07:31:25.392 [qtp474311562-6240] DEBUG org.opensaml.xml.signature.SignatureValidator - Validation credential key algorithm 'RSA', key instance class 'sun.security.rsa.RSAPublicKeyImpl' 2020-02-17T07:31:25.393261 [APP/PROC/WEB/0] 07:31:25.393 [qtp474311562-6240] DEBUG org.opensaml.xml.signature.SignatureValidator - Signature validated with key from supplied credential ... ... 2020-02-17T08:47:41.022669 [APP/PROC/WEB/0] 08:47:41.022 [qtp474311562-6410] DEBUG org.opensaml.common.SAMLObjectHelper - Examing signed object for content references with exclusive canonicalization transform 2020-02-17T08:47:41.022677 [APP/PROC/WEB/0] 08:47:41.022 [qtp474311562-6410] DEBUG org.opensaml.common.SAMLObjectHelper - Saw exclusive transform, declaring non-visible namespaces on signed object 2020-02-17T08:47:41.022957 [APP/PROC/WEB/0] 08:47:41.022 [qtp474311562-6410] DEBUG org.opensaml.xml.signature.impl.SignatureMarshaller - Starting to marshall {http://www.w3.org/2000/09/xmldsig#}Signature 2020-02-17T08:47:41.022964 [APP/PROC/WEB/0] 08:47:41.022 [qtp474311562-6410] DEBUG org.opensaml.xml.signature.impl.SignatureMarshaller - Creating XMLSignature object 2020-02-17T08:47:41.023037 [APP/PROC/WEB/0] 08:47:41.022 [qtp474311562-6410] DEBUG org.opensaml.xml.signature.impl.SignatureMarshaller - Adding content to XMLSignature. 2020-02-17T08:47:41.023096 [APP/PROC/WEB/0] 08:47:41.023 [qtp474311562-6410] DEBUG org.opensaml.common.impl.SAMLObjectContentReference - Adding list of inclusive namespaces for signature exclusive canonicalization transform 2020-02-17T08:47:41.023262 [APP/PROC/WEB/0] 08:47:41.023 [qtp474311562-6410] DEBUG org.opensaml.xml.signature.impl.SignatureMarshaller - Creating Signature DOM element 2020-02-17T08:47:41.023472 [APP/PROC/WEB/0] 08:47:41.023 [qtp474311562-6410] DEBUG org.opensaml.xml.signature.Signer - Computing signature over XMLSignature object ... ... 2020-02-17T08:47:41.031821 [APP/PROC/WEB/0] 08:47:41.031 [qtp474311562-6410] DEBUG org.opensaml.saml2.binding.encoding.HTTPPostEncoder - Invoking Velocity template to create POST body 2020-02-17T08:47:41.032220 [APP/PROC/WEB/0] 08:47:41.032 [qtp474311562-6410] DEBUG org.opensaml.saml2.binding.encoding.HTTPPostEncoder - Encoding action url of 'https://www.somedomain.tld:443/am/SSOPOST/metaAlias/idp' with encoded value 'https://www.somedomain.tld:443/am/SSOPOST/metaAlias/idp' 2020-02-17T08:47:41.032227 [APP/PROC/WEB/0] 08:47:41.032 [qtp474311562-6410] DEBUG org.opensaml.saml2.binding.encoding.HTTPPostEncoder - Marshalling and Base64 encoding SAML message 2020-02-17T08:47:41.032928 [APP/PROC/WEB/0] 08:47:41.032 [qtp474311562-6410] DEBUG org.opensaml.saml2.binding.encoding.HTTPPostEncoder - Setting RelayState parameter to: '_f24913cc-072b-4bc5-91c1-81bf90d9868e', encoded as '_f24913cc-072b-4bc5-91c1-81bf90d9868e' 2020-02-17T08:47:41.035412 [APP/PROC/WEB/0] 08:47:41.035 [qtp474311562-6410] DEBUG PROTOCOL_MESSAGE - 2020-02-17T08:47:41.035419 [APP/PROC/WEB/0] <?xml version="1.0" encoding="UTF-8"?> 2020-02-17T08:47:41.035420 [APP/PROC/WEB/0] <samlp:AuthnRequest 2020-02-17T08:47:41.035424 [APP/PROC/WEB/0] AssertionConsumerServiceURL="https://my-app.mendixcloud.com/SSO/assertion" 2020-02-17T08:47:41.035426 [APP/PROC/WEB/0] AttributeConsumingServiceIndex="1" 2020-02-17T08:47:41.035428 [APP/PROC/WEB/0] Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" 2020-02-17T08:47:41.035430 [APP/PROC/WEB/0] Destination="https://www.somedomain.tld:443/am/SSOPOST/metaAlias/idp" ... ... 2020-02-17T08:47:41.035491 [APP/PROC/WEB/0] <saml2p:RequestedAuthnContext Comparison="exact" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"> 2020-02-17T08:47:41.035494 [APP/PROC/WEB/0] <saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef> 2020-02-17T08:47:41.035496 [APP/PROC/WEB/0] </saml2p:RequestedAuthnContext> 2020-02-17T08:47:41.035498 [APP/PROC/WEB/0] </samlp:AuthnRequest> 2020-02-17T08:47:41.035501 [APP/PROC/WEB/0] 08:47:41.035 [qtp474311562-6410] DEBUG org.opensaml.ws.message.encoder.BaseMessageEncoder - Successfully encoded message. 2020-02-17T08:47:42.380334 [APP/PROC/WEB/1] 08:47:42.380 [qtp1735890395-6219] DEBUG org.opensaml.xml.signature.impl.SignatureUnmarshaller - Starting to unmarshall Apache XML-Security-based SignatureImpl element 2020-02-17T08:47:42.380350 [APP/PROC/WEB/1] 08:47:42.380 [qtp1735890395-6219] DEBUG org.opensaml.xml.signature.impl.SignatureUnmarshaller - Constructing Apache XMLSignature object 2020-02-17T08:47:42.381578 [APP/PROC/WEB/1] 08:47:42.381 [qtp1735890395-6219] DEBUG org.opensaml.xml.signature.impl.SignatureUnmarshaller - Adding canonicalization and signing algorithms, and HMAC output length to Signature 2020-02-17T08:47:42.381607 [APP/PROC/WEB/1] 08:47:42.381 [qtp1735890395-6219] DEBUG org.opensaml.xml.signature.impl.SignatureUnmarshaller - Adding KeyInfo to Signature ... ... 2020-02-17T09:17:47.237343 [APP/PROC/WEB/0] 09:17:47.235 [qtp1527906606-14] DEBUG org.opensaml.DefaultBootstrap - Initializing Apache XMLSecurity library 2020-02-17T09:17:47.270864 [APP/PROC/WEB/0] 09:17:47.269 [qtp1527906606-14] DEBUG org.opensaml.xml.parse.BasicParserPool - Setting DocumentBuilderFactory attribute 'http://javax.xml.XMLConstants/feature/secure-processing' 2020-02-17T09:17:47.270892 [APP/PROC/WEB/0] 09:17:47.270 [qtp1527906606-14] DEBUG org.opensaml.xml.parse.BasicParserPool - Setting DocumentBuilderFactory attribute 'http://apache.org/xml/features/disallow-doctype-decl' 2020-02-17T09:17:47.408373 [APP/PROC/WEB/0] 09:17:47.408 [qtp1527906606-14] DEBUG org.opensaml.DefaultBootstrap - Loading XMLTooling configuration /default-config.xml 2020-02-17T09:17:47.408708 [APP/PROC/WEB/0] 09:17:47.408 [qtp1527906606-14] DEBUG org.opensaml.xml.parse.BasicParserPool - Setting DocumentBuilderFactory attribute 'http://javax.xml.XMLConstants/feature/secure-processing' 2020-02-17T09:17:47.408722 [APP/PROC/WEB/0] 09:17:47.408 [qtp1527906606-14] DEBUG org.opensaml.xml.parse.BasicParserPool - Setting DocumentBuilderFactory attribute 'http://apache.org/xml/features/disallow-doctype-decl' 2020-02-17T09:17:47.432003 [APP/PROC/WEB/0] 09:17:47.431 [qtp1527906606-14] DEBUG org.opensaml.xml.XMLConfigurator - Loading configuration from XML Document 2020-02-17T09:17:47.454167 [APP/PROC/WEB/0] 09:17:47.453 [qtp1527906606-14] DEBUG org.opensaml.xml.XMLConfigurator - Schema validating configuration Document 2020-02-17T09:17:47.458507 [APP/PROC/WEB/0] 09:17:47.458 [qtp1527906606-14] DEBUG org.opensaml.xml.XMLConfigurator - Configuration document validated 2020-02-17T09:17:47.458925 [APP/PROC/WEB/0] 09:17:47.458 [qtp1527906606-14] DEBUG org.opensaml.xml.XMLConfigurator - Preparing to load ObjectProviders 2020-02-17T09:17:47.459707 [APP/PROC/WEB/0] 09:17:47.459 [qtp1527906606-14] DEBUG org.opensaml.xml.XMLConfigurator - Initializing object provider {http://www.opensaml.org/xmltooling-config}DEFAULT 2020-02-17T09:17:47.464583 [APP/PROC/WEB/0] 09:17:47.464 [qtp1527906606-14] DEBUG org.opensaml.xml.Configuration - Registering new builder, marshaller, and unmarshaller for {http://www.opensaml.org/xmltooling-config}DEFAULT ... ... Kind regards Paul

asked 2020-02-19

Paul Poetsma

2 answers

0

Hi Paul,

I am running into this same excessive logging too, what did you / mendix do stop it?

Thanks Jacob

answered 2021-03-16

Jacob Boer

Ronald Catersels · Accepted Answer · 2020-02-19

I use the same module but with Mx 7.23.7 but I do not see those log lines in my environments on V3 or V4 cloud. I would raise a support request if set all loglevels to info does not work.

Regards,

Ronald