Versions Compared

Old Version 10

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version 11

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languagexml
titleCounter of SAML 1 queries
collapsetrue
	<bean id="shibboleth.metrics.MetricStrategy" parent="shibboleth.ContextFunctions.Scripted"
			factory-method="inlineScript">
		<constructor-arg>
			<value>
			<![CDATA[
				profileType = Java.type("net.shibboleth.idp.saml.saml1.profile.config.AttributeQueryProfileConfiguration");
				if (profileType.PROFILE_ID.equals(input.getProfileId())) {
					metricCtx = input.getSubcontext("org.opensaml.profile.context.MetricContext");
					metricCtx.addCounter("idp.profile.saml1.attributeQueries", "DecodeMessage");
				}
				true; // Signals success.
			]]>
			</value>
		</constructor-arg>
	</bean>

Finally, here's a way to take advantage of how early the strategy function runs to capture (approximately) the time at the start of a request so that it can be included in the audit log, allowing it to be used with other audit fields to compute the wall clock time to process requests.

Code Block
languagexml
titleCapture start time of requests in an audit field
collapsetrue
	<bean id="shibboleth.metrics.MetricStrategy" parent="shibboleth.ContextFunctions.Scripted"
			factory-method="inlineScript">
		<constructor-arg>
			<value>
			<![CDATA[
				dateTimeType = Java.type("org.joda.time.DateTime");
                var auditCtx = input.getSubcontext("net.shibboleth.idp.profile.context.AuditContext", true);
                auditCtx.getFieldValues("ST").add(new dateTimeType().toString("YYYY-MM-dd'T'HH:mm:ss.SSSZZ"));

                true; // Signals success.
			]]>
			</value>
		</constructor-arg>
	</bean>

Reference

Beans

NameTypeFunction
shibboleth.metrics.MetricRegistryFilteredMetricRegistryRegistry of all metrics known to the system
shibboleth.metrics.RegisterMetricSetsMethodInvokingBeanSpring parent bean for invoking the registerMultiple method on the registry
shibboleth.metrics.RegisterMetricSetMethodInvokingBean   

Spring parent bean for invoking the register method on the registry

shibboleth.metrics.CoreGaugeSetMetricSet / MetricFilterLow-level gauges for OS, Java, and memory information
shibboleth.metrics.IdPGaugeSetMetricSet / MetricFilterBasic IdP system information (version, uptime)
shibboleth.metrics.LoggingGaugeSetMetricSet / MetricFilterInformation about the logging service
shibboleth.metrics.AccessControlGaugeSetMetricSet / MetricFilterInformation about the access control service
shibboleth.metrics.MetadataGaugeSetMetricSet / MetricFilterInformation about the metadata resolver service
shibboleth.metrics.RelyingPartyGaugeSetMetricSet / MetricFilterInformation about the RelyingParty configuration service
shibboleth.metrics.NameIdentifierGaugeSetMetricSet / MetricFilterInformation about the Name Identifier generation service
shibboleth.metrics.AttributeResolverGaugeSetMetricSet / MetricFilterInformation about the attribute resolver service
shibboleth.metrics.AttributeFilterGaugeSetMetricSet / MetricFilterInformation about the attribute filter service
shibboleth.metrics.HTTPReporterHTTPReporterA schedulable background reporter that sends a JSON feed of metrics to a URL
shibboleth.metrics.MetricGroupsMap<String,MetricFilter>Associates metrics matching a supplied filter with a string label that "names" that set of metrics
shibboleth.metrics.MetricLevelMapMap<String,Level>Optional mapping of metric names to logging levels to associate with the metric
shibboleth.metrics.DefaultAccessPolicyStringName of the access control policy to apply to the metrics API in the absence of a more specific policy
shibboleth.metrics.AccessPolicyMapMap<String,String>Maps a named metric group/filter from the "shibboleth.metrics.MetricGroups" bean to a named access control policy to apply when accessing that group via the API
shibboleth.metrics.AccessPolicyStrategyFunction<ProfileRequestContext,String>A mechanism to determine the access control policy to apply to a request to the metrics API, normally relies on the two previous beans but can be replaced if desired
shibboleth.metrics.AllowedOriginStringOptional "Access-Control-Allow-Origin" header value to return within REST API response
shibboleth.metrics.JSONPCallbackStringOptional name of JSONP callback function to pass the REST API response
shibboleth.metrics.MetricStrategyFunction<ProfileRequestContext,Boolean>A hook to provide a function to execute at the beginning of every request that can programmatically enable timers and counters for objects during the execution of that request

...