Add RequestLog URI filter

Add servlet init parameter `excludePatterns` to configure a comma-separate list
of ant-like patterns (wildcards "*" and "**") to exclude uris from request log generation.
This can be used to suppress request logs from health or metrics endpoints.

Signed-off-by: Karsten Schnitter <k.schnitter@sap.com>

Author: KarstenSchnitter

cf-java-logging-support-servlet/src/main/java/com/sap/hcp/cf/logging/servlet/filter/GenerateRequestLogFilter.java

@@ -23,11 +23,13 @@ public class GenerateRequestLogFilter extends AbstractLoggingFilter {
 
     public static final String WRAP_RESPONSE_INIT_PARAM = "wrapResponse";
     public static final String WRAP_REQUEST_INIT_PARAM = "wrapRequest";
+    public static final String EXCLUDE_PATTERNS_INIT_PARAM = "excludePatterns";
 
     private final RequestRecordFactory requestRecordFactory;
 
     private boolean wrapResponse = true;
     private boolean wrapRequest = true;
+    private RequestUriMatcher excludeMatcher = new RequestUriMatcher(null);
 
     public GenerateRequestLogFilter() {
         this(new RequestRecordFactory(new LogOptionalFieldsSettings(GenerateRequestLogFilter.class.getName())));
@@ -47,6 +49,7 @@ public void init(FilterConfig filterConfig) throws ServletException {
         if ("false".equalsIgnoreCase(value)) {
             wrapRequest = false;
         }
+        excludeMatcher = new RequestUriMatcher(filterConfig.getInitParameter(EXCLUDE_PATTERNS_INIT_PARAM));
     }
 
     @Override
@@ -75,7 +78,7 @@ protected void doFilterRequest(HttpServletRequest request, HttpServletResponse r
         try {
             doFilter(chain, request, response);
         } finally {
-            if (!request.isAsyncStarted()) {
+            if (!request.isAsyncStarted() && !excludeMatcher.matches(request.getRequestURI())) {
                 logger.logRequest();
             }
 

cf-java-logging-support-servlet/src/main/java/com/sap/hcp/cf/logging/servlet/filter/RequestUriMatcher.java

@@ -0,0 +1,99 @@
+package com.sap.hcp.cf.logging.servlet.filter;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * Matches request URIs against a list of Ant-style path patterns.
+ * <p>
+ * Supported wildcards:
+ * <ul>
+ *     <li>{@code *}  &ndash; matches any sequence of characters within a single path segment (no slash)</li>
+ *     <li>{@code **} &ndash; matches any sequence of characters across path segment boundaries (including slashes)</li>
+ * </ul>
+ */
+public class RequestUriMatcher {
+
+    private final List<String> patterns;
+
+    /**
+     * Creates a matcher from a comma-separated list of Ant-style path patterns.
+     *
+     * @param commaSeparatedPatterns
+     *         comma-separated pattern string, may be {@code null} or blank
+     */
+    public RequestUriMatcher(String commaSeparatedPatterns) {
+        if (commaSeparatedPatterns == null || commaSeparatedPatterns.isBlank()) {
+            this.patterns = Collections.emptyList();
+        } else {
+            this.patterns = Arrays.stream(commaSeparatedPatterns.split(",")).map(String::trim).filter(s -> !s.isEmpty())
+                                  .toList();
+        }
+    }
+
+    /**
+     * Recursively matches {@code pattern} starting at {@code pi} (pattern index) against {@code uri} starting at
+     * {@code ui} (uri index). No heap allocation occurs during matching.
+     */
+    private static boolean matches(String pattern, int pi, String uri, int ui) {
+        while (pi < pattern.length()) {
+            char pc = pattern.charAt(pi);
+            if (pc == '*') {
+                boolean doubleWildcard = pi + 1 < pattern.length() && pattern.charAt(pi + 1) == '*';
+                if (doubleWildcard) {
+                    // ** — skip the ** and try matching the rest from every position in uri
+                    pi += 2;
+                    if (pi == pattern.length()) {
+                        return true; // ** at end matches everything remaining
+                    }
+                    for (int i = ui; i <= uri.length(); i++) {
+                        if (matches(pattern, pi, uri, i)) {
+                            return true;
+                        }
+                    }
+                    return false;
+                } else {
+                    // * — advance past * and try matching the rest from every position
+                    // within the current segment (no slash crossing)
+                    pi++;
+                    if (pi == pattern.length()) {
+                        return uri.indexOf('/', ui) == -1; // * at end matches rest of segment
+                    }
+                    for (int i = ui; i <= uri.length(); i++) {
+                        if (i > ui && uri.charAt(i - 1) == '/') {
+                            return false; // * cannot cross a slash
+                        }
+                        if (matches(pattern, pi, uri, i)) {
+                            return true;
+                        }
+                    }
+                    return false;
+                }
+            } else {
+                // literal character — must match exactly
+                if (ui >= uri.length() || uri.charAt(ui) != pc) {
+                    return false;
+                }
+                pi++;
+                ui++;
+            }
+        }
+        return ui == uri.length();
+    }
+
+    /**
+     * Returns {@code true} if the given URI matches any of the configured patterns.
+     */
+    public boolean matches(String uri) {
+        if (uri == null) {
+            return false;
+        }
+        for (String pattern: patterns) {
+            if (matches(pattern, 0, uri, 0)) {
+                return true;
+            }
+        }
+        return false;
+    }
+}

cf-java-logging-support-servlet/src/test/java/com/sap/hcp/cf/logging/servlet/filter/GenerateRequestLogFilterTest.java

@@ -119,10 +119,55 @@ public void directlyForwardsRequestResponseWhenLogIsDisabled(ConsoleOutput conso
         assertThat(console.getAllEvents()).isEmpty();
 
         ((LoggerContext) LoggerFactory.getILoggerFactory()).getLogger(RequestLogger.class).setLevel(Level.INFO);
+    }
+
+    @Test
+    public void doesNotWriteRequestLogForExcludedUri(ConsoleOutput console) throws Exception {
+        when(request.getRequestURI()).thenReturn("/health");
+        GenerateRequestLogFilter filter = new GenerateRequestLogFilter(requestRecordFactory);
+        filter.init(new ExcludePatternsConfig("/health,/metrics"));
+
+        filter.doFilter(request, response, chain);
+
+        assertThat(console.getAllEvents()).isEmpty();
+    }
+
+    @Test
+    public void writesRequestLogForNonExcludedUri(ConsoleOutput console) throws Exception {
+        when(request.getRequestURI()).thenReturn("/api/orders");
+        GenerateRequestLogFilter filter = new GenerateRequestLogFilter(requestRecordFactory);
+        filter.init(new ExcludePatternsConfig("/health,/metrics"));
+
+        filter.doFilter(request, response, chain);
+
+        assertThat(console.getAllEvents()).isNotEmpty();
+    }
+
+    @Test
+    public void stillEnrichesContextForExcludedUri(ConsoleOutput console) throws Exception {
+        when(request.getRequestURI()).thenReturn("/actuator/health");
+        GenerateRequestLogFilter filter = new GenerateRequestLogFilter(requestRecordFactory);
+        filter.init(new ExcludePatternsConfig("/actuator/**"));
+
+        filter.doFilter(request, response, chain);
+
+        verify(request).setAttribute(eq(MDC.class.getName()), anyMap());
+        assertThat(console.getAllEvents()).isEmpty();
+    }
+
+    @Test
+    public void doesNotWriteRequestLogForWildcardExcludedUri(ConsoleOutput console) throws Exception {
+        when(request.getRequestURI()).thenReturn("/actuator/health/liveness");
+        GenerateRequestLogFilter filter = new GenerateRequestLogFilter(requestRecordFactory);
+        filter.init(new ExcludePatternsConfig("/actuator/**"));
+
+        filter.doFilter(request, response, chain);
 
+        assertThat(console.getAllEvents()).isEmpty();
     }
 
     private static class NoRequestWrappingConfig implements FilterConfig {
+
         @Override
         public String getFilterName() {
             return "no-request-wrapping";
@@ -143,4 +188,36 @@ public Enumeration<String> getInitParameterNames() {
             return enumeration(List.of("wrapRequest"));
         }
     }
+
+    private static class ExcludePatternsConfig implements FilterConfig {
+
+        private final String excludePatterns;
+
+        ExcludePatternsConfig(String excludePatterns) {
+            this.excludePatterns = excludePatterns;
+        }
+
+        @Override
+        public String getFilterName() {
+            return "exclude-patterns";
+        }
+
+        @Override
+        public ServletContext getServletContext() {
+            return null;
+        }
+
+        @Override
+        public String getInitParameter(String name) {
+            if (GenerateRequestLogFilter.EXCLUDE_PATTERNS_INIT_PARAM.equals(name)) {
+                return excludePatterns;
+            }
+            return null;
+        }
+
+        @Override
+        public Enumeration<String> getInitParameterNames() {
+            return enumeration(List.of(GenerateRequestLogFilter.EXCLUDE_PATTERNS_INIT_PARAM));
+        }
+    }
 }

cf-java-logging-support-servlet/src/test/java/com/sap/hcp/cf/logging/servlet/filter/RequestUriMatcherTest.java

@@ -0,0 +1,99 @@
+package com.sap.hcp.cf.logging.servlet.filter;
+
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.CsvSource;
+import org.junit.jupiter.params.provider.ValueSource;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+class RequestUriMatcherTest {
+
+    @Test
+    void doesNotMatchWhenNoPatternsConfigured() {
+        RequestUriMatcher matcher = new RequestUriMatcher(null);
+        assertThat(matcher.matches("/health")).isFalse();
+    }
+
+    @Test
+    void doesNotMatchWhenPatternStringIsBlank() {
+        RequestUriMatcher matcher = new RequestUriMatcher("   ");
+        assertThat(matcher.matches("/health")).isFalse();
+    }
+
+    @Test
+    void doesNotMatchNullUri() {
+        RequestUriMatcher matcher = new RequestUriMatcher("/health");
+        assertThat(matcher.matches(null)).isFalse();
+    }
+
+    @ParameterizedTest
+    @ValueSource(strings = { "/health", "/metrics", "/actuator" })
+    void matchesExactPattern(String uri) {
+        RequestUriMatcher matcher = new RequestUriMatcher("/health,/metrics,/actuator");
+        assertThat(matcher.matches(uri)).isTrue();
+    }
+
+    @Test
+    void doesNotMatchDifferentPath() {
+        RequestUriMatcher matcher = new RequestUriMatcher("/health");
+        assertThat(matcher.matches("/api/orders")).isFalse();
+    }
+
+    @Test
+    void matchesSingleWildcardWithinSegment() {
+        RequestUriMatcher matcher = new RequestUriMatcher("/api/*/status");
+        assertThat(matcher.matches("/api/orders/status")).isTrue();
+    }
+
+    @Test
+    void singleWildcardDoesNotMatchAcrossSegments() {
+        RequestUriMatcher matcher = new RequestUriMatcher("/api/*/status");
+        assertThat(matcher.matches("/api/orders/items/status")).isFalse();
+    }
+
+    @ParameterizedTest
+    @CsvSource({ "/actuator/**,  /actuator/health", "/actuator/**,  /actuator/health/liveness",
+                 "/actuator/**,  /actuator/", "/api/**,       /api/v1/orders/123" })
+    void matchesDoubleWildcardAcrossSegments(String pattern, String uri) {
+        RequestUriMatcher matcher = new RequestUriMatcher(pattern.trim());
+        assertThat(matcher.matches(uri.trim())).isTrue();
+    }
+
+    @Test
+    void doubleWildcardDoesNotMatchSiblingPath() {
+        RequestUriMatcher matcher = new RequestUriMatcher("/actuator/**");
+        assertThat(matcher.matches("/api/orders")).isFalse();
+    }
+
+    @Test
+    void matchesFirstOfMultiplePatterns() {
+        RequestUriMatcher matcher = new RequestUriMatcher("/health, /actuator/**, /metrics");
+        assertThat(matcher.matches("/health")).isTrue();
+    }
+
+    @Test
+    void matchesMiddleOfMultiplePatterns() {
+        RequestUriMatcher matcher = new RequestUriMatcher("/health, /actuator/**, /metrics");
+        assertThat(matcher.matches("/actuator/health")).isTrue();
+    }
+
+    @Test
+    void matchesLastOfMultiplePatterns() {
+        RequestUriMatcher matcher = new RequestUriMatcher("/health, /actuator/**, /metrics");
+        assertThat(matcher.matches("/metrics")).isTrue();
+    }
+
+    @Test
+    void doesNotMatchWhenNoneOfMultiplePatternsApply() {
+        RequestUriMatcher matcher = new RequestUriMatcher("/health, /actuator/**, /metrics");
+        assertThat(matcher.matches("/api/orders")).isFalse();
+    }
+
+    @Test
+    void ignoresWhitespaceAroundPatterns() {
+        RequestUriMatcher matcher = new RequestUriMatcher("  /health  ,  /metrics  ");
+        assertThat(matcher.matches("/health")).isTrue();
+        assertThat(matcher.matches("/metrics")).isTrue();
+    }
+}