How to change application logging level runtime without restarting the application? There are many ways to accomplish this, but in my case I had certain special needs: first, ability of changing the logging level locally on a server runtime, because I don’t want to expose JMX or HTTP API due to security reasons. Otherwise I could have chosen for example Jolokia JMX-HTTP bridge for instance. Second, I wanted to use operating system’s own authentication, and NOT implementing yet another username / password authentication! Third, command line (CLI) is preferred, because it is secure due to requiring an OS account. In short:
- Since locally, I need to use Command Line interface aka CLI
- Since using CLI, I need to use local user account for login
- For extra level of security in CLI, you could enable 2FA with 2FA PAM module
- To access logging, I need to use ava.util.logging.LoggingMXBean
- I need to create a server thread for my Java app, and a client to access it
The final library is available on Github.
P.S. Check PAM (libpam4j) for Linux and SPNEGO (http/spnego) authentication for Windows
UnixUser user = null; try { user = new PAM("pamservice").authenticate("username","password"); // authentication success } catch (PAMException ex){ // authentication failed }