Plugin:org.tolven.performance

From DOC

Contents 1 Overview 2 Attributes 2.1 id 2.2 eventTime 2.3 sessionId 2.4 remoteUserName 2.5 accountUserId 2.6 remoteIP 2.7 localIP 2.8 requestURI 2.9 queryParams 2.10 method 2.11 element 2.12 elapsed 2.13 exceptions 3 Configuration 4 Version 2.1 Notes 4.1 Version 2.1.4 4.2 Version 2.1.3 4.3 Version 2.1.2 4.4 Version 2.1.0 5 Version Notes 5.1 Version 0.0.6 5.2 Version 0.0.5 5.3 Version 0.0.4 5.4 Version 0.0.3 5.5 Version 0.0.2 5.6 Version 0.0.1

Overview

When this plugin is activated, a performance row is written for each server transaction. This table also serves as an audit log for all server access initiated by web applications.

This plugin is not included by default, and is entirely optional. To include the plugin, add the following entry to your <tolven-config>/plugins.xml:

<plugin id="org.tolven.performance">
	<root />
</plugin>

Attributes

The following attributes are stored for each entry.

id

A unique id for each entry in performanceData. Note: This id is not guaranteed to be consecutive nor is the number guaranteed to increase by one for each new entry. This is because actions can occur in parallel and from multiple servers.

eventTime

The server timestamp when the even was recorded. This corresponds to the transactional "now" attribute typically used by all server behavior that records a timestamp within a given transaction.

sessionId

The servlet sessionId (JSESSIONID). Typically a session starts shortly before user login and is invalidated upon logout for that user.

remoteUserName

This name supplied by the user to login to Tolven. Same as principal or just username.

accountUserId

When the user is logged into an account, this is the id of the AccountUser entry that authorizes that access. If null, it means that the user is in the Vestibule and therefore has not yet selected an account to log into.

remoteIP

The IP address assigned to the remote user, that is, the user logged into the application.

localIP

The IP address of the Web Server listener. If more than one Tolven Web server is running, then each will normally have a different IP address.

requestURI

The URI of the request. You will notice that many URIs are common in Tolven. That is, the URI itself is generic and uses query parameters to narrow what is actually returned.

queryParams

The list of parameters passed to the server. These will typically include the element parameter which names the specific application element accessed such as a list or specific patient, staff, organization, location, etc.

Not all parameter values are stored in this way. For example, "password" is omitted from the list of parameters.

The params are concatenated as follows: paramName(<valueLength>)=value|<next param> For example:

serialNo(2)=15|original(9)=undefined|element(17)=echr:patients:all|accountUserId(4)=4000

method

The HTTP method used, typically GET or POST

element

The element query parameter is copied here for convenience

elapsed

The total elapsed time for the transaction in milliseconds. This is a real number so fractions of milliseconds are also available. This value does not account for any browser time or network time, only time on the server. Also note that, due to AJAX optimizations, many user interactions do not involve a server interaction at all. Thus, it would probably be unfair to use only these server performance records as the denominator in an average response time calculation.

The precise definition of this duration is that it includes the begin transaction and commit transaction but does not include all transmission time. In other words, this elapsed time includes the time needed to prepare the result and begin sending it but not the completion of that time. For example, if the network is slow, the eventual transmission time back to the browser is excluded.

exceptions

If the server interaction resulted in an exception, this field contains the exception (the underlying transaction will have been rolled back).

Configuration

It is now possible to configure the performance filter to exclude certain parameters from the database. In the example below, the parameter with id value has a regular expression, which prevents any request parameter that contains password (case-insensitive) from being stored in the database.

<extension id="password-property" plugin-id="org.tolven.component.tolvenweb" point-id="property">
	<parameter id="class" value="org.tolven.web.PerformanceFilter" />
	<parameter id="name" value="exclude-request-param" />
	<parameter id="value" value=".*(?i:password).*" />
</extension>

This particular extension exists in the performance filter itself, but you can place similar extensions in your own plugin.

Version 2.1 Notes

Version 2.1.4

• There was a bug in how the performance details were filtering. If you attempted to filter by "POST", it only showed rows with just POST, and not anything after. A fix was made to use a like comparison for method type in PerformanceDAOBean.
• The Patient drop-down box was not populated in the Admin Performance tab. A fix was made to use trim.getList() to display patient names in the performance details display filter section.
• Now supplies its entities and EJB interfaces to tolven.ear via an ear lib jar called performance-lib.jar.
• Only EJBs are now located in the performance-ejb.jar.
• Replaced the <listener>, <filter>, and <servlet> deployment descriptor tags in the web-fragment.xml and web.xml files with @WebListener, @WebFilter, and @WebServlet in cases where order is not important.
• Removed the "classes" extension for contributing classes to a war file's WEB-INF/classes directory to instead use a WEB-INF-LIB extension to contribute a jar containing those classes to the WEB-INF/lib directory of the war file.

Version 2.1.3

• All classes in web are now descendants of the package org.tolven.performance.web.
• Web classes are now provided not as loose classes in tolvenWEB's WEB-INF/classes directory, but instead as org.tolven.performance.web.jar in the WEB-INF/lib directory.
• Removed transaction parameter from filter extension.

Version 2.1.2

• Removed instVar PerformanceData.facesViewState, which is no longer required, because faces state is now client-based.
• Switched instVar PerformanceData.queryParams from varchar2 to CLOB so that it can accommodate more data.

Version 2.1.0

• DTR §170.302(r) - Record actions related to electronic health information in accordance with the standard specified in §170.210(b).

Version Notes

Version 0.0.6

1. Now uses the the same parameter names as Apache Ant for includes/include/excludes/exclude

Version 0.0.5

1. Moved the security question extension from performance plugin to password recovery plugin

Version 0.0.4

1. Moved password recovery classes from the tolvenejb/tolvenweb plugin to the password recovery plugin. Moved performance classes from the tolvenejb/tolvenweb plugin to the performance plugin.
2. The org.tolven.performance plugin is now optional, and by default is no longer included

Version 0.0.3

• Add element, when present, to the performance log. This allows more fine-grained auditing.
• Remove echr-specific application metadata from this plugin. This uses new wildcard extends annotation which makes the menu optional - and without mentioning an account-type.

Version 0.0.2

1. Fixed bug where the five/test directory files were not being copied to the tolvenWEB.war.

Version 0.0.1

1. Minor changes in Performance that will allow it to become optional in a later version