Log all http traffic coming in or going out with JAX-RS, i.e. request/status, headers and (text)body coming in and returned by a server as well as sending out and receiving back by a client.
It logs at DEBUG
level using slf4j.
It tries to find out what API class was used (or fall back to a generic logger), e.g. when you use MP REST Client, it uses the name of the client API interface as the logger. On the server, I didn’t find a standardized way to find out what API class handles the request; so that works currently only for RestEasy… any hints are very welcome.
It logs the Authorization
header value as <hidden>
; with an exception: we consider passwords with at least 12 characters to be safe enough, so we can log the username and only hide the password.
This often makes debugging issues with credentials easier, as it easily happens that you use the wrong credentials, but it’s much less likely that you use the wrong password for the correct user.
It joins repeated headers into a single, comma separated log line.
To use it, simply add it to your runtime classpath.