Failure: WFLYCTL0212: Duplicate resource

116 views
Skip to first unread message

rinilnath r

unread,
Dec 27, 2021, 12:10:41 AM12/27/21
to WildFly
Hi,

I am getting the below error message when we run the cli file undertow_enable_log.cli
With below mentioned change in patter for better compliance.

/subsystem=undertow/server=default-server/host=default-host/setting=access-log:\

add(pattern="%a | %h %u %A %p %t | "%r" | "%v" | %s %b %D| "%{i,Referer}" | "%{i,User-Agent}" | "%{c,JSESSIONID}" | remoteLogname:"%l"", use-server-log=false)

And, we run the below commands à

> jboss-cli.bat -c

> run-batch --file="undertow_enable_log.cli"

But, received Error Msg: “Failure: WFLYCTL0212: Duplicate resource”

Questions:

1) Kindly advise, if the pattern has applied correctly?

2) And, how can we run the batch successfully with expected results log? 


thanks,

Rinilnath.R

+91-9786285451

 

James Perkins

unread,
Jan 4, 2022, 10:47:03 AMJan 4
to WildFly
The failure is indicating there is already an access log configured. What is it you want to change?

rinilnath r

unread,
Jan 4, 2022, 11:31:33 AMJan 4
to James Perkins, WildFly
Thanks James for responding.

We use Undertow with our JBOSS EAP, in our standalone xml, we have following access log pattern. 

<access-log pattern="%a | %h %u %A %p %t | &quot;%r&quot; | &quot;%v&quot; | %s %b %D| &quot;%\{i,Referer}&quot; | &quot;%\{i,User-Agent}&quot; | &quot;%\{c,JSESSIONID}&quot; | remoteLogname:&quot;%l&quot;" use-server-log="false"/>

Our main observation now is that "%v" exchange attribute is printing the local server name with the port number that is listening to. in the access log files


As per our security team suggestion, we have to achieve either one of the things below
 # We should not log the port number 
 # if not, we should atleast replace the logged pattern to use '+' char instead of ':' between server name and port. Say like

But we are unable to find any clue in undertow documentation or in online references.

Can you please share some help here ? Is there a way to customize such logging patterns to this way. ?

Thanks and Regards,
Rinilnath
Mobile#9786285451

--
You received this message because you are subscribed to the Google Groups "WildFly" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wildfly+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wildfly/f804d36a-300f-4f08-bb90-8e4158100037n%40googlegroups.com.

James Perkins

unread,
Jan 4, 2022, 11:35:44 AMJan 4
to WildFly
Do I understand you just want to remove the "%v"? If so then you can do that with a write operation. Something like:
/subsystem=undertow/server=default-server/host=default-host/setting=access-log:write-attribute(name=pattern, value="%a | %h %u %A %p %t | "%r" | %s %b %D| "%{i,Referer}" | "%{i,User-Agent}" | "%{c,JSESSIONID}" | remoteLogname:"%l"", use-server-log=false)

rinilnath r

unread,
Jan 4, 2022, 9:34:36 PMJan 4
to James Perkins, WildFly
Hi James,

We actually want the localhost domain name to be logged still, we should not remove it fully. So we expect to override the behaviour of %v% such that it shows only domain not the :{portnumber}

Any way to achieve that?.

By the way where do you want to give this write operation codes to be given?? In which file?


Thanks and Regards,
Rinilnath
Mobile#9786285451

James Perkins

unread,
Jan 5, 2022, 10:48:39 AMJan 5
to WildFly
Hi Rinilnah,
I'm not sure that is possible. You can see the available patterns here https://undertow.io/undertow-docs/undertow-docs-2.1.0/index.html#exchange-attributes-2.

That is just a CLI command. You'd execute it in CLI. However, it removed the "%v" so it's not really what you're looking for. It's just that in your original command you were using the "add" operation for a resource that already exists. That's what's casuing the Duplicate resource error.

rinilnath r

unread,
Jan 5, 2022, 9:13:50 PMJan 5
to James Perkins, WildFly
Hi,

Getting your point, we avoided that duplicate resource error by adding the pattern in standalone.xml instead of putting as add pattern in cli file.

Now the only point is to alter the behaviour of %v%, to match security compliance and hide explicit port number.

May be I shall ask for a new feature in Jira?


Thanks and Regards,
Rinilnath
Mobile#9786285451

James Perkins

unread,
Jan 6, 2022, 11:42:00 AMJan 6
to WildFly
I'd advise using the write-attribute operation over editing the XML.

That said you could file a feature request at https://issues.redhat.com/browse/UNDERTOW.

Reply all
Reply to author
Forward
0 new messages