Remove JBoss/Tomcat Agent limitations for modern Java applications

Idea created by johnmcteague on Aug 19, 2016
    Not planned
    • Eric Laney

    The JBoss/Tomcat agent for siteminder allows a pure java deployment of an application (no Apache httpd required), however modern application development is moving towards containerless models, in particular Spring Boot.


    We package applications using Spring Boot and include the siteminder agent (spring boot allows me to programmatically add the relevant config to the embedded tomcat application).


    However, the tomcat agent is highly dependant on log4j 1.x which is now EOL and also not necessarily the goto choice for logging these days. In particular with spring boot, slf4j is the default, however the log4j to slf4j bridge (which attempts to be a binary drop in for log4j to instead use slf4j) is not compatible with the siteminder agent since it uses low level log4j ap;s.


    The suggestion is to switch to a logging abstraction such as commons-logging to slf4j to eliminate incompatibilities and open up a number of more modern app deployment patterns that our company is looking to leverage.