Still printing the Stack Traces? It’s time to quit!
Hi!
This is about a simple yet extremely important practice which programmers forget. If you are used to a java like programming language most of the try catch blocks generated by the IDE’s will carry the code to handle the exception by printing out the stack trace. This is something in the code which gets least of the attention but when it comes to the production level it is considered a extremely bad practice. To see how bad just click here!
The above link shows the error logs by a 3rd party module called elmah. Actually the above is more to do with security misconfiguration. But it is the same if you print your stack traces. By doing so the application will be at risk during the deployment as it exposes internal error details which should be available only for you.
So what would be a better approach?
A better way would be to log your stack traces into a file. So each time an unexpected behavior occurs you will know the place to go and look into rather than exposing it to the whole world to see. So in this post I will go through some simple steps to set up the apache log4j module in your application.
The maven dependency can be added to the pom.xml if you are using maven as the build tool. (be mindful of the version)
<dependency> <groupId>log4j</groupId> <artifactId>log4j</artifactId> <version>1.2.17</version> </dependency>According to the documentation :
Configuration of Log4j 2 can be accomplished in 1 of 4 ways:
1. Through a configuration file written in XML, JSON, YAML, or properties format.
2. Programmatically, by creating a ConfigurationFactory and Configuration implementation.
3. Programmatically, by calling the APIs exposed in the Configuration interface to add components to the default configuration.
4. Programmatically, by calling methods on the internal Logger class.
I’m using the properties file to set up log4j in this example.
Here is what my log4j.properties file looks like.
log4j.rootLogger=info,file log4j.appender.file=org.apache.log4j.FileAppender log4j.appender.file.File=program.log log4j.appender.File.MaxFileSize=5000KB log4j.appender.file.layout=org.apache.log4j.PatternLayout log4j.appender.file.layout.ConversionPattern=%d{dd MMM yyyy HH:mm:ss,SSS} %-4r [%t] %-5p %c{1} %x - %m%nThe logger can be set to info/debug etc. I have currently set it to info and logging all my details under info.
Then the logger should be declared and initialized in the class to be used.
static org.apache.log4j.Logger log = org.apache.log4j.Logger.getLogger(Stater.class);Since I’m using this in a static context I have declared the logger as static. If not the declaration would look like
private org.apache.log4j.Logger log = org.apache.log4j.Logger.getLogger(this.getClass());Note that you can use this.getclass() to get the class name in the non static context. *
Once the declaration has been done the log object can be used to pass information to the logs.
eg:
log.info("Process Destroyed.");So it’s time to dump the habit of printing stack traces and start logging the errors.
try { JFileChooser choose = new JFileChooser(); FileNameExtensionFilter filter = new FileNameExtensionFilter("HTML output", "html"); choose.setFileFilter(filter); int returnVal = choose.showOpenDialog(choose); if (returnVal == JFileChooser.APPROVE_OPTION) { System.out.println("You chose to open this file: " + choose.getSelectedFile().getName()); } } catch (IOException ex) { log.error(ex.getMessage(),ex); }Finally, if you are printing out the errors to a log file make sure the log file is secured and can be accessed by the people who have proper permission.
Failing to secure your logs will again get you into trouble,may be more than you already are in!😀
Please note that this is a sample just to get you started with logging and if you are using log4j or similar logging framework, there is a lot that can be achieved. I will leave that for you to explore.
KIT!
Like this:
Like Loading…
Related
Originally published at neatrick.wordpress.com on June 21, 2016.
