Menu
Hi i have problems with logback and slf4j, im writing simple app that later is packaging in jar and i want to add there logging using logback
im using:
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.7</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.1.3</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>1.1.3</version>
</dependency>
<dependency>
<groupId>org.apache.activemq</groupId>
<artifactId>activemq-client</artifactId>
<version>5.8.0</version>
</dependency>
<dependency>
<groupId>com.mchange</groupId>
<artifactId>c3p0</artifactId>
<version>${c3p0.version}</version>
</dependency>
<dependency>
<groupId>commons-pool</groupId>
<artifactId>commons-pool</artifactId>
<version>${commons.pool.version}</version>
</dependency>
<dependency>
<groupId>postgresql</groupId>
<artifactId>postgresql</artifactId>
<version>${postgresql.version}</version>
</dependency>
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
<version>${ehcache.version}</version>
</dependency>
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
<version>${gson.version}</version>
</dependency>
<dependency>
<groupId>redis.clients</groupId>
<artifactId>jedis</artifactId>
<version>${jedis.version}</version>
</dependency>
in Main i have:
LoggerContext loggerContext = (LoggerContext) LoggerFactory.getILoggerFactory();
JoranConfigurator configurator = new JoranConfigurator();
configurator.setContext(loggerContext);
configurator.doConfigure(logbackFile)
it used for load logback.xml configuration outside of jar file
The funniest thing is that this program is working on local machine (Windows) (reading logback.xml, create file, write to file) but when i upload it to remote server (linux) i have strange error
Exception in thread "main" java.lang.ClassCastException: org.slf4j.impl.Log4jLoggerFactory cannot be cast to ch.qos.logback.classic.LoggerContext
the question is why he want to cast ch.qos.logback.classic.LoggerContext from org.slf4j.impl.Log4jLoggerFactory??
I dont have anywhere any lib of log4j... i mean i dont have it on entire machine
one additional info: on Windows i have Java from Oracle and on Linux i have openjdk - it can be a problem?
//=================dependency tree
[INFO] +- org.apache.activemq:activemq-client:jar:5.8.0:compile
[INFO] | +- org.apache.geronimo.specs:geronimo-jms_1.1_spec:jar:1.1.1:compile
[INFO] | +- org.fusesource.hawtbuf:hawtbuf:jar:1.9:compile
[INFO] | \- org.apache.geronimo.specs:geronimo-j2ee-management_1.1_spec:jar:1.0.1:compile
[INFO] +- com.mchange:c3p0:jar:0.9.2-pre6:compile
[INFO] | \- com.mchange:mchange-commons-java:jar:0.2.3.1:compile
[INFO] +- commons-pool:commons-pool:jar:1.6:compile
[INFO] +- postgresql:postgresql:jar:9.1-901.jdbc4:compile
[INFO] +- net.sf.ehcache:ehcache:jar:2.9.0:compile
[INFO] +- com.google.code.gson:gson:jar:2.2.4:compile
[INFO] +- redis.clients:jedis:jar:2.1.0:compile
[INFO] +- org.slf4j:slf4j-api:jar:1.7.5:compile
[INFO] +- ch.qos.logback:logback-classic:jar:1.1.3:compile
[INFO] +- ch.qos.logback:logback-core:jar:1.1.3:compile
[INFO] \- junit:junit:jar:4.11:test
[INFO] \- org.hamcrest:hamcrest-core:jar:1.3:test
863
Logback uses the same concepts as Log4j. So it's no surprise that even if they are using different file formats, their configurations are very similar. The following code snippet shows the same configuration as I used with Log4j.
Spring Boot supports Log4j 2 for logging configuration if it is on the classpath. If you are using the starters for assembling dependencies that means you have to exclude Logback and then include log4j 2 instead. If you aren't using the starters then you need to provide jcl-over-slf4j (at least) in addition to Log4j 2.
Smile CDR and HAPI FHIR use two complementary logging systems (SLF4J and Logback) for all of our system logging. These libraries are completely separate from log4j (the target of the CVE) and are not affected by this vulnerability.
Due to an already existing dependency of SLF4J in your project or in some other inherited project, there might be conflicts during runtime. Adding an exclusion to my POM file worked for me:
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
</exclusions>
Trying taking out the dependency
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.7</version>
</dependency>
This Dependency is included in
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.1.3</version>
</dependency>
As you see in the logback-classic pom file - http://central.maven.org/maven2/ch/qos/logback/logback-classic/1.1.3/logback-classic-1.1.3.pom
Also make sure that when you initialize your logger that it is modeled after
private static final Logger LOG = LoggerFactory
.getLogger(ClassName.class)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
