Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Trace keycloak calls

See original GitHub issue

Description

In Quarkus we can log all requests using opentracing feature. However it is not the case about requests made by the authentication mechanism using keycloak. It would be nice to add them in opentracing because keycloak can be a point of failure. Also it may be useful to collect response time to analyze them afterwards.

Implementation ideas quarkus-keycloak-authorization used VertX VertxHttpFacade to make calls. VertX web seems to be also used by rest endpoint. So maybe that we could add TraceId, SpanId into VertxHttpFacade ? (It is a suggestion) by using the same traceId used from the rest call.

Some implementations on how to add trace feature for Vertx web can be found in this project:

        <dependency>
            <groupId>io.opentracing.contrib</groupId>
            <artifactId>opentracing-vertx-web</artifactId>
            <version>1.0.0</version>
        </dependency>

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:10 (6 by maintainers)

github_iconTop GitHub Comments

2reactions
stuartwdouglascommented, Sep 9, 2020

I don’t see any problems with this, but obviously things like tokens and other credentials should not be included in the data.

1reaction
sberyozkincommented, Sep 8, 2020

Hi @pedroigor yeah, well, I was again being a bit paranoid here 😃, suggesting that exposing the KC traces to a Quarkus endpoint user is the info which is arguably sensitive - shows the traget address of the OIDC server which is outside of the scope of tracing the application specific calls through the distributed system. That said, if it is configurable (ex, block exposing these traces if needed) then may be it is all right. CC @stuartwdouglas as well

Read more comments on GitHub >

github_iconTop Results From Across the Web

Configuring logging - Keycloak
More detailed information for debugging purposes, such as database logs. Higher frequency. TRACE. Most detailed debugging information. Very high frequency.
Read more >
TRACE logging for troubleshooting Keycloak/RH-SSO issues
When TRACE logging level in keycloak is enabled, the standalone.xml (or domain.xml) should look like the following for the org.keycloak ...
Read more >
Method to monitor requests that come towards Keycloak server
I'm trying to understand the functionalities of Keycloak and trying to find a way to monitor request flows (like ...
Read more >
How to enable OpenTracing in Keycloak 10.x - gists · GitHub
Enable opentracing in Keycloak ... The following jboss-cli script creates the necessary bits. Copy standalone.xml to standalone-tracing.xml. Run via bin/jboss-cli ...
Read more >
Keycloak Events Logging - Niko Köbler
Keycloak Events Logging ... Keycloak has this feature of “events”. There are two kinds of events: login events and admin events. Login events...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Native Tests fail when quarkus.http.test-port is set to 0

Next page

Gradle build fails after upgrade to 1.7.2