ppkarwasz commented on issue #3074: URL: https://github.com/apache/logging-log4j2/issues/3074#issuecomment-2446935514
Hi @MichaelMorrisEst , > The spring boot implementation is exactly the type of functionality we are looking for. We already use this for SSL communication in our code in our spring boot based applications and implement a similar mechanism in our application code where we are not using spring boot. Thanks for the details. I should probably note that I am not strongly opposed to allowing on-the-fly updates to the "SSL subsystem" of Log4j Core, I am a little bit concerned about the complexity of the task. Theoretically support for `SSLContext` rotation seems like a **great** feature, but the devil is in the details. We already have some _mutable_ parts in Log4j Core: * The `Configuration` itself can be replaced and I believe that this is a mechanism that works well. There are minor hiccups (like #3043), but otherwise it is all sunshine and rainbows. * We allow users to modify log levels on the fly and we even provide an [API to modify levels](https://logging.apache.org/log4j/2.x/javadoc/log4j-core/org/apache/logging/log4j/core/config/Configurator.html). * We have a [`RollingFile` appender](https://logging.apache.org/log4j/2.x/manual/appenders/rolling-file.html) that regularly performs file rollovers. This is an [endless source of bugs](https://github.com/apache/logging-log4j2/issues?q=is%3Aopen+is%3Aissue+label%3Aappenders%3ARolling). * We have a recently added [`MutableContextMapFilter`](https://logging.apache.org/log4j/2.x/manual/filters.html#MutableThreadContextMapFilter) that updates its configuration on-the-fly. The mechanism is probably not bug-free. All these systems (of course) use an _ad-hoc_ or partially shared update mechanism. I think what we need is: * a **minimal** system to send events to a `LoggerContext`, like [Spring events](https://www.baeldung.com/spring-events). You could use that system to inform Log4j Core that the SSL configuration has changed. * a way to configure which event to send, when a particular file has changed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@logging.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
