Removed explicit dependency on log4j (#1563)

* Removed explicit dependency on log4j

Signed-off-by: Dave Lago <[email protected]>

pom.xml

@@ -74,6 +74,7 @@
         <netty-native.version>2.0.25.Final</netty-native.version>
         <bc.version>1.67</bc.version>
         <log4j.version>2.17.1</log4j.version>
+        <slf4j.version>1.7.32</slf4j.version>
         <guava.version>25.1-jre</guava.version>
         <commons.cli.version>1.3.1</commons.cli.version>
         <jackson-databind.version>2.11.2</jackson-databind.version>
@@ -161,10 +162,6 @@
                     <artifactId>jts</artifactId>
                     <groupId>com.vividsolutions</groupId>
                 </exclusion>
-                <exclusion>
-                    <artifactId>log4j-api</artifactId>
-                    <groupId>org.apache.logging.log4j</groupId>
-                </exclusion>
                 <exclusion>
                     <artifactId>spatial4j</artifactId>
                     <groupId>org.locationtech.spatial4j</groupId>
@@ -207,13 +204,6 @@
             <scope>provided</scope>
         </dependency>
 
-        <dependency>
-            <groupId>org.apache.logging.log4j</groupId>
-            <artifactId>log4j-core</artifactId>
-            <version>${log4j.version}</version>
-            <scope>provided</scope>
-        </dependency>
-
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
@@ -226,16 +216,17 @@
             </exclusions>
         </dependency>
 
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>${slf4j.version}</version>
+        </dependency>
+
         <dependency>
             <groupId>org.apache.logging.log4j</groupId>
-            <artifactId>log4j-slf4j-impl</artifactId>
+            <artifactId>log4j-core</artifactId>
             <version>${log4j.version}</version>
-            <exclusions>
-                <exclusion>
-                    <groupId>org.apache.logging.log4j</groupId>
-                    <artifactId>log4j-api</artifactId>
-                </exclusion>
-            </exclusions>
+            <scope>test</scope>
         </dependency>
 
         <dependency>

src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java

@@ -26,8 +26,8 @@
 import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
 import org.apache.http.HttpHeaders;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 import org.opensearch.OpenSearchSecurityException;
 import org.opensearch.SpecialPermission;
 import org.opensearch.common.Strings;
@@ -46,7 +46,7 @@
 import org.opensearch.security.user.AuthCredentials;
 
 public abstract class AbstractHTTPJwtAuthenticator implements HTTPAuthenticator {
-    private final static Logger log = LogManager.getLogger(AbstractHTTPJwtAuthenticator.class);
+    private final static Logger log = LoggerFactory.getLogger(AbstractHTTPJwtAuthenticator.class);
 
     private static final String BEARER = "bearer ";
     private static final Pattern BASIC = Pattern.compile("^\\s*Basic\\s.*", Pattern.CASE_INSENSITIVE);
@@ -108,7 +108,7 @@ private AuthCredentials extractCredentials0(final RestRequest request) throws Op
         try {
             jwt = jwtVerifier.getVerifiedJwtToken(jwtString);
         } catch (AuthenticatorUnavailableException e) {
-            log.info(e);
+            log.info(e.toString());
             throw new OpenSearchSecurityException(e.getMessage(), RestStatus.SERVICE_UNAVAILABLE);
         } catch (BadCredentialsException e) {
             log.info("Extracting JWT token from {} failed", jwtString, e);

src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java

@@ -29,8 +29,8 @@
 import java.util.regex.Pattern;
 
 import org.apache.http.HttpHeaders;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 import org.opensearch.OpenSearchSecurityException;
 import org.opensearch.SpecialPermission;
 import org.opensearch.common.settings.Settings;
@@ -51,7 +51,7 @@
 
 public class HTTPJwtAuthenticator implements HTTPAuthenticator {
 
-    protected final Logger log = LogManager.getLogger(this.getClass());
+    protected final Logger log = LoggerFactory.getLogger(this.getClass());
 
     private static final Pattern BASIC = Pattern.compile("^\\s*Basic\\s.*", Pattern.CASE_INSENSITIVE);
     private static final String BEARER = "bearer ";

src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/HTTPJwtKeyByOpenIdConnectAuthenticator.java

@@ -24,7 +24,7 @@
 
 public class HTTPJwtKeyByOpenIdConnectAuthenticator extends AbstractHTTPJwtAuthenticator {
 
-	//private final static Logger log = LogManager.getLogger(HTTPJwtKeyByOpenIdConnectAuthenticator.class);
+	//private final static Logger log = LoggerFactory.getLogger(HTTPJwtKeyByOpenIdConnectAuthenticator.class);
 
 	public HTTPJwtKeyByOpenIdConnectAuthenticator(Settings settings, Path configPath) {
 		super(settings, configPath);

src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/JwtVerifier.java

@@ -27,14 +27,14 @@
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
 import org.apache.cxf.rs.security.jose.jwt.JwtUtils;
 import org.apache.commons.lang.StringEscapeUtils;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 
 import com.google.common.base.Strings;
 
 public class JwtVerifier {
 
-	private final static Logger log = LogManager.getLogger(JwtVerifier.class);
+	private final static Logger log = LoggerFactory.getLogger(JwtVerifier.class);
 
 	private final KeyProvider keyProvider;
 

src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetriever.java

@@ -33,15 +33,15 @@
 import org.apache.http.impl.client.cache.BasicHttpCacheStorage;
 import org.apache.http.impl.client.cache.CacheConfig;
 import org.apache.http.impl.client.cache.CachingHttpClients;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 
 import com.amazon.dlic.auth.http.jwt.oidc.json.OpenIdProviderConfiguration;
 import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfig;
 
 
 public class KeySetRetriever implements KeySetProvider {
-	private final static Logger log = LogManager.getLogger(KeySetRetriever.class);
+	private final static Logger log = LoggerFactory.getLogger(KeySetRetriever.class);
 	private static final long CACHE_STATUS_LOG_INTERVAL_MS = 60L * 60L * 1000L;
 
 	private String openIdConnectEndpoint;

src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySet.java

@@ -24,13 +24,13 @@
 
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 
 import com.google.common.base.Strings;
 
 public class SelfRefreshingKeySet implements KeyProvider {
-	private static final Logger log = LogManager.getLogger(SelfRefreshingKeySet.class);
+	private static final Logger log = LoggerFactory.getLogger(SelfRefreshingKeySet.class);
 
 	private final KeySetProvider keySetProvider;
 	private final ThreadPoolExecutor threadPoolExecutor = new ThreadPoolExecutor(1, 10, 1000, TimeUnit.MILLISECONDS,
@@ -157,7 +157,7 @@ private synchronized JsonWebKey waitForRefreshToFinish(String kid) {
 			wait(queuedThreadTimeoutMs);
 		} catch (InterruptedException e) {
 			Thread.currentThread().interrupt();
-			log.debug(e);
+			log.debug(e.toString());
 		}
 
 		// Just be optimistic and re-check the key
@@ -246,7 +246,7 @@ public void run() {
 				wait(requestTimeoutMs);
 			} catch (InterruptedException e) {
 				Thread.currentThread().interrupt();
-				log.debug(e);
+				log.debug(e.toString());
 			}
 
 			JsonWebKey result = getKeySimple(kid);

src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java

@@ -33,8 +33,8 @@
 import javax.security.auth.Subject;
 import javax.security.auth.login.LoginException;
 
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 import org.opensearch.ExceptionsHelper;
 import org.opensearch.SpecialPermission;
 import org.opensearch.common.settings.Settings;
@@ -65,7 +65,7 @@ public class HTTPSpnegoAuthenticator implements HTTPAuthenticator {
     private static final String EMPTY_STRING = "";
     private static final Oid[] KRB_OIDS = new Oid[] {KrbConstants.SPNEGO, KrbConstants.KRB5MECH};
 
-    protected final Logger log = LogManager.getLogger(this.getClass());
+    protected final Logger log = LoggerFactory.getLogger(this.getClass());
 
     private boolean stripRealmFromPrincipalName;
     private Set<String> acceptorPrincipal;

src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java

@@ -40,8 +40,8 @@
 import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
 import org.apache.cxf.rs.security.jose.jwt.JwtUtils;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 import org.opensearch.OpenSearchSecurityException;
 import org.opensearch.SpecialPermission;
 import org.opensearch.common.bytes.BytesReference;
@@ -68,8 +68,8 @@
 import com.onelogin.saml2.util.Util;
 
 class AuthTokenProcessorHandler {
-    private static final Logger log = LogManager.getLogger(AuthTokenProcessorHandler.class);
-    private static final Logger token_log = LogManager.getLogger("com.amazon.dlic.auth.http.saml.Token");
+    private static final Logger log = LoggerFactory.getLogger(AuthTokenProcessorHandler.class);
+    private static final Logger token_log = LoggerFactory.getLogger("com.amazon.dlic.auth.http.saml.Token");
     private static final Pattern EXPIRY_SETTINGS_PATTERN = Pattern.compile("\\s*(\\w+)\\s*(?:\\+\\s*(\\w+))?\\s*");
 
     private Saml2SettingsProvider saml2SettingsProvider;

src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java

@@ -26,8 +26,8 @@
 import net.shibboleth.utilities.java.support.xml.BasicParserPool;
 import org.apache.commons.lang3.StringEscapeUtils;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 import org.opensearch.OpenSearchSecurityException;
 import org.opensearch.SpecialPermission;
 import org.opensearch.common.settings.Settings;
@@ -73,7 +73,7 @@
 
 
 public class HTTPSamlAuthenticator implements HTTPAuthenticator, Destroyable {
-    protected final static Logger log = LogManager.getLogger(HTTPSamlAuthenticator.class);
+    protected final static Logger log = LoggerFactory.getLogger(HTTPSamlAuthenticator.class);
 
     public static final String IDP_METADATA_URL = "idp.metadata_url";
     public static final String IDP_METADATA_FILE = "idp.metadata_file";

src/main/java/com/amazon/dlic/auth/http/saml/Saml2SettingsProvider.java

@@ -26,8 +26,8 @@
 import java.util.Set;
 import java.util.stream.Collectors;
 
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 
 import org.opensearch.SpecialPermission;
 import org.opensearch.common.settings.Settings;
@@ -52,7 +52,7 @@
 import net.shibboleth.utilities.java.support.resolver.ResolverException;
 
 public class Saml2SettingsProvider {
-    protected final static Logger log = LogManager.getLogger(Saml2SettingsProvider.class);
+    protected final static Logger log = LoggerFactory.getLogger(Saml2SettingsProvider.class);
 
     private final Settings opensearchSettings;
     private final MetadataResolver metadataResolver;

src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthenticationBackend.java

@@ -27,8 +27,8 @@
 import java.util.UUID;
 
 import org.apache.commons.lang3.tuple.Pair;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 import org.opensearch.OpenSearchSecurityException;
 import org.opensearch.common.settings.Settings;
 
@@ -53,7 +53,7 @@ public class LDAPAuthenticationBackend implements AuthenticationBackend {
     static final String DEFAULT_USERBASE = "";
     static final String DEFAULT_USERSEARCH_PATTERN = "(sAMAccountName={0})";
 
-    protected static final Logger log = LogManager.getLogger(LDAPAuthenticationBackend.class);
+    protected static final Logger log = LoggerFactory.getLogger(LDAPAuthenticationBackend.class);
 
     private final Settings settings;
     private final Path configPath;

src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthorizationBackend.java

@@ -43,8 +43,8 @@
 import javax.naming.InvalidNameException;
 import javax.naming.ldap.LdapName;
 
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 import org.opensearch.OpenSearchSecurityException;
 import org.opensearch.SpecialPermission;
 import org.opensearch.common.Strings;
@@ -99,7 +99,7 @@ public class LDAPAuthorizationBackend implements AuthorizationBackend {
     static final String DEFAULT_ROLENAME = "name";
     static final String DEFAULT_USERROLENAME = "memberOf";
 
-    protected static final Logger log = LogManager.getLogger(LDAPAuthorizationBackend.class);
+    protected static final Logger log = LoggerFactory.getLogger(LDAPAuthorizationBackend.class);
     private final Settings settings;
     private final WildcardMatcher skipUsersMatcher;
     private final WildcardMatcher nestedRoleMatcher;

src/main/java/com/amazon/dlic/auth/ldap/util/Utils.java

@@ -25,16 +25,16 @@
 import java.util.Map;
 import java.util.Set;
 
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 import org.opensearch.SpecialPermission;
 import org.opensearch.common.settings.Settings;
 import org.ldaptive.Connection;
 import org.ldaptive.LdapAttribute;
 
 public final class Utils {
 
-    private static final Logger log = LogManager.getLogger(Utils.class);
+    private static final Logger log = LoggerFactory.getLogger(Utils.class);
 
     private Utils() {
 

src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthenticationBackend2.java

@@ -25,8 +25,8 @@
 import java.util.Collections;
 import java.util.UUID;
 
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 import org.opensearch.OpenSearchSecurityException;
 import org.opensearch.SpecialPermission;
 import org.opensearch.common.settings.Settings;
@@ -51,7 +51,7 @@
 
 public class LDAPAuthenticationBackend2 implements AuthenticationBackend, Destroyable {
 
-    protected static final Logger log = LogManager.getLogger(LDAPAuthenticationBackend2.class);
+    protected static final Logger log = LoggerFactory.getLogger(LDAPAuthenticationBackend2.class);
 
     private final Settings settings;
 

src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthorizationBackend2.java

@@ -31,8 +31,8 @@
 import javax.naming.InvalidNameException;
 import javax.naming.ldap.LdapName;
 
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 import org.opensearch.OpenSearchSecurityException;
 import org.opensearch.SpecialPermission;
 import org.opensearch.common.Strings;
@@ -68,7 +68,7 @@ public class LDAPAuthorizationBackend2 implements AuthorizationBackend, Destroya
     static final String DEFAULT_ROLENAME = "name";
     static final String DEFAULT_USERROLENAME = "memberOf";
 
-    protected static final Logger log = LogManager.getLogger(LDAPAuthorizationBackend2.class);
+    protected static final Logger log = LoggerFactory.getLogger(LDAPAuthorizationBackend2.class);
     private final Settings settings;
     private final WildcardMatcher skipUsersMatcher;
     private final WildcardMatcher nestedRoleMatcher;

src/main/java/com/amazon/dlic/auth/ldap2/LDAPConnectionFactoryFactory.java

@@ -22,8 +22,8 @@
 import java.util.List;
 import java.util.Map;
 
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.Logger;
 import org.opensearch.common.settings.Settings;
 import org.ldaptive.ActivePassiveConnectionStrategy;
 import org.ldaptive.BindConnectionInitializer;
@@ -67,7 +67,7 @@
 
 public class LDAPConnectionFactoryFactory {
 
-    private static final Logger log = LogManager.getLogger(LDAPConnectionFactoryFactory.class);
+    private static final Logger log = LoggerFactory.getLogger(LDAPConnectionFactoryFactory.class);
 
     private final Settings settings;
     private final SettingsBasedSSLConfigurator.SSLConfig sslConfig;