ATG Override logging

We had the requirement to append Order ID for each logging statement. This is how we achieved that.

Create Component:

\atg\dynamo\service\logging\LogQueue.properties

$class=atg.nucleus.logging.CustomLogListenerQueue

logListeners=LogDispatch

customLogging=true

Path of property file should not be changed.

 

CustomLogListenerQueue.java

package atg.nucleus.logging;

import atg.commerce.order.OrderHolder;
import atg.core.util.StringUtils;
import atg.nucleus.logging.LogEvent;
import atg.nucleus.logging.LogListenerQueue;
import atg.servlet.ServletUtil;

public class CustomLogListenerQueue extends LogListenerQueue {

private boolean mCustomLogging;
private static String ORDER_PATH = “/atg/commerce/ShoppingCart”;

/**
* @return the customLogging
*/
public boolean isCustomLogging() {
return mCustomLogging;
}

/**
* @param pCustomLogging
* the customLogging to set
*/
public void setCustomLogging(boolean pCustomLogging) {
mCustomLogging = pCustomLogging;
}

/* (non-Javadoc)
* @see atg.nucleus.logging.LogListenerQueue#logEvent(atg.nucleus.logging.LogEvent)
* Following would append order id in front of all log messages
*/
@Override
public synchronized void logEvent(LogEvent pArg0) {

if (isCustomLogging()) {
String lCustomLogMessage = “”;

if (null != pArg0 && !StringUtils.isBlank(pArg0.mMessage) && null != ServletUtil.getCurrentRequest()) {

OrderHolder lOrderHolder = (OrderHolder) ServletUtil.getCurrentRequest().resolveName(ORDER_PATH);
if (null != lOrderHolder && null != lOrderHolder.getCurrent(Boolean.FALSE)) {
lCustomLogMessage = “OrderID: ” + lOrderHolder.getCurrent().getId() + ” “;
}

pArg0.mMessage = lCustomLogMessage + pArg0.mMessage;
}
}

super.logEvent(pArg0);
}

}

 

 

JSP pass and retrieve variables – ATG

 

Parent JSP:

<dsp:include page=”/common/getTaxedPrice.jsp”>
<dsp:param name=”freePrice” value=”${paymentCost}”/>
</dsp:include>

 

Child JSP:

Read passed value:

<dsp:getvalueof param=”freePrice” var=”freePrice”/>

 

Pass value to parent JSP:

Option 1 – DSP TAGS:

<dsp:getvalueof param=”intergerlVal” var=”integerValue” scope=”request” />
<dsp:getvalueof param=”decimalVal” var=”decimalValue” scope=”request”/>

Option 2 – JSTL:

<c:set var=”integerValue” scope=”request” value=”integerValue”></c:set>

<c:set var=”decimalValue” scope=”request” value=”decimalValue”></c:set>

 

Parent JSP:

Variables can be printed or used as:

${integerValue}

${decimalValue}

Browser SSL issue & fix – For Weblogic only

We have found latest version of different browsers are not working with https. Please find details on this issue below.

 

Affected Browser:

  • > Chrome 45
  • > Firefox 40
  • > Internet explorer 11

 

Issue:

Security protocol used for https, SSLv3 has security vulnerability, it is known as POODLE(Padding Oracle On Downgraded Legacy Encryption) attack which can be used for Man-In-Middle attack.

Hence browser companies have stopped support for SSL 3.0 in latest versions, please read these articles for more details. Internet Explorer Firefox Chrome

In latest version of browsers we can see page like following on hitting https flow.

firefox ssl issue

chrome ssl issue

 

 

Fix:

Server must use >TLS 1.0 protocol instead of SSL 3.0.

Apache server is already configured with protocol > TLS 1.0. Hence no changes are required for environment where apache is configured correctly.

For the environments where application server ports (weblogic) are expected to be used over web server ports (Apache), please do following change.

 

  1. Stop application server
  2. Go to weblogic domain <Domain Name>/config
  3. Take back up of config.xml
  4. Edit original config.xml
  5. Search for Server name in the file e.g. “<name>ATGCommerce</name>”
  6. Look for ssl tag under this “<ssl>”
  7. Enter following two lines under SSL tag.

<use-java>true</use-java>

<jsse-enabled>true</jsse-enabled>

<ciphersuite>SSL_RSA_WITH_RC4_128_MD5</ciphersuite>

8. Save file

9. Start application server

 

Please follow the similar sequence of tags else there can be issue. Do not worry about tags you do not have in your config file.

 

ConfigFileSequence

 

Note:

This fix is to be used for development environments only, for TEST and higher environments web server (APACHE) is to be used.

If this fix is required in higher environments, confirmation from product company(Oracle) is must.