add error logging for browser propagation with disabled exporter

inspectit-ocelot-config/src/main/resources/rocks/inspectit/ocelot/config/default/exporters.yml

@@ -103,10 +103,11 @@ inspectit:
     # settings for tags exporters
     tags:
       # settings for the http-server exporter
+      # note that this server does not provide any encryption or performs any authentication
       http:
         enabled: DISABLED
         # the host of the http-server
-        host: 0.0.0.0
+        host: 127.0.0.1
         # the port of the http-server
         port: 9000
         # the path for the endpoint of the http-server

inspectit-ocelot-core/src/main/java/rocks/inspectit/ocelot/core/exporter/BrowserPropagationHttpExporterService.java

@@ -66,6 +66,7 @@ protected boolean doEnable(InspectitConfig configuration) {
         int sessionLimit = settings.getSessionLimit();
         sessionStorage = BrowserPropagationSessionStorage.getInstance();
         sessionStorage.setSessionLimit(sessionLimit);
+        sessionStorage.setExporterActive(true);
 
         String sessionIdHeader = settings.getSessionIdHeader();
         List<String> allowedOrigins = settings.getAllowedOrigins();
@@ -81,6 +82,7 @@ protected boolean doDisable() {
                 log.info("Stopping Tags HTTP-Server");
                 server.stop();
                 sessionStorage.clearDataStorages();
+                sessionStorage.setExporterActive(false);
             } catch (Exception e) {
                 log.error("Error disabling Tags HTTP-Server", e);
             }

inspectit-ocelot-core/src/main/java/rocks/inspectit/ocelot/core/instrumentation/browser/BrowserPropagationSessionStorage.java

@@ -14,12 +14,17 @@
 @Slf4j
 public class BrowserPropagationSessionStorage {
 
-    private static final int KEY_MIN_SIZE = 64;
+    private static final int KEY_MIN_SIZE = 16;
     private static final int KEY_MAX_SIZE = 512;
 
-    @Getter
-    @Setter
+    @Getter @Setter
     private int sessionLimit = 100;
+    /**
+     * Boolean, which helps to create error messages, if browser propagation is tried, but exporter is disabled
+     */
+    @Getter @Setter
+    private boolean isExporterActive = false;
+
     private static BrowserPropagationSessionStorage instance;
     private final ConcurrentMap<String, BrowserPropagationDataStorage> dataStorages;
 

inspectit-ocelot-core/src/main/java/rocks/inspectit/ocelot/core/instrumentation/context/InspectitContextImpl.java

@@ -202,6 +202,11 @@ public class InspectitContextImpl implements InternalInspectitContext {
      */
     private SpanContext remoteParentContext;
 
+    /**
+     * Session storage for all data storages that should be created for each session
+     */
+    private BrowserPropagationSessionStorage browserPropagationSessionStorage;
+
     /**
      * Data storage for all tags that should be propagated up to or down from the browser
      */
@@ -213,6 +218,7 @@ private InspectitContextImpl(InspectitContextImpl parent, PropagationMetaData de
         this.interactWithApplicationTagContexts = interactWithApplicationTagContexts;
         dataOverwrites = new HashMap<>();
         openingThread = Thread.currentThread();
+        browserPropagationSessionStorage = BrowserPropagationSessionStorage.getInstance();
 
         if (parent == null) {
             postEntryPhaseDownPropagatedData = new HashMap<>();
@@ -306,8 +312,7 @@ public SpanContext getAndClearCurrentRemoteSpanContext() {
     public void makeActive() {
         Object currentSessionID = getData(REMOTE_SESSION_ID);
         if(currentSessionID != null) {
-            BrowserPropagationSessionStorage sessionStorage = BrowserPropagationSessionStorage.getInstance();
-            browserPropagationDataStorage = sessionStorage.getOrCreateDataStorage(currentSessionID.toString());
+            browserPropagationDataStorage = browserPropagationSessionStorage.getOrCreateDataStorage(currentSessionID.toString());
         }
 
 
@@ -469,8 +474,13 @@ public void close() {
         }
 
         // Write browser propagation data to storage
+        Map<String, Object> browserPropagationData = getBrowserPropagationData(dataOverwrites);
         if(browserPropagationDataStorage != null)
-            browserPropagationDataStorage.writeData(getBrowserPropagationData(dataOverwrites));
+            browserPropagationDataStorage.writeData(browserPropagationData);
+
+        //If there is browser propagation data, but exporter is disabled, write error message
+        if(!browserPropagationData.isEmpty() && !browserPropagationSessionStorage.isExporterActive())
+            log.error("Unable to propagate data: {} Browser propagation is disabled, since no Tags-exporter is enabled", browserPropagationData);
 
         // Delete session ID after root span is closed
         if(parent == null) {

inspectit-ocelot-core/src/test/java/rocks/inspectit/ocelot/core/instrumentation/browser/BrowserPropagationDataStorageTest.java

@@ -38,6 +38,7 @@ public class BrowserPropagationDataStorageTest extends SpringTestBase {
     void prepareTest() {
         // Create session storage to store BrowserPropagationDataStorages
         sessionStorage = BrowserPropagationSessionStorage.getInstance();
+        sessionStorage.setExporterActive(true);
         // Create HTTP header to pass it to the initial InspectIT-Context
         headers = new HashMap<>();
         headers.put(sessionIdHeader, sessionId);
@@ -144,6 +145,7 @@ void verifyValidEntries() {
             InspectitContextImpl ctx = InspectitContextImpl.createFromCurrent(Collections.emptyMap(), propagation, false);
             ctx.readDownPropagationHeaders(headers);
             ctx.makeActive();
+            // Create too long key and value
             String dummyKey = IntStream.range(1, 130).mapToObj(i -> "x").collect(Collectors.joining());
             String dummyValue = IntStream.range(1,2050).mapToObj(i -> "y").collect(Collectors.joining());
 

inspectit-ocelot-core/src/test/java/rocks/inspectit/ocelot/core/instrumentation/browser/BrowserPropagationSessionStorageTest.java

@@ -7,7 +7,7 @@
 public class BrowserPropagationSessionStorageTest {
 
     private static final String validSessionID = "test=83311527d6a6de76a60a72a041808a63;b0b2b4cf=ad9fef38-4942-453a-9243-7d8422803604";
-    private static final String anotherValidSessionID = "test=83311527d6a6de76a60a72a041808a63;b0b2b4cf=ad9fef38-4942-453a-9243-92439b443924";
+    private static final String anotherValidSessionID = "test=83311527d6a";
     private static final String shortSessionID = "test-session";
     private static final String longSessionID = "test1=83311527d6a6de76a60a72a041808a63;b0b2b4cf=ad9fef38-49c42-45b3a-9243-7d8422803604-92439b443924;test2=83311527d6a6de76a60a72a041808a63;b0b2b4cf=ad9fef38-49c42-45b3a-9243-7d8422803604-92439b443924;test3=83311527d6a6de76a60a72a041808a63;b0b2b4cf=ad9fef38-49c42-45b3a-9243-7d8422803604-92439b443924;test4=83311527d6a6de76a60a72a041808a63;b0b2b4cf=ad9fef38-49c42-45b3a-9243-7d8422803604-92439b443924;test5=83311527d6a6de76a60a72a041808a63;b0b2b4cf=ad9fef38-49c42-45b3a-9243-7d8422803604-92439b443924;test6=83311527d6a6de76a60a72a041808a63;b0b2b4cf=ad9fef38-49c42-45b3a-9243-7d8422803604-92439b443924;";
 

inspectit-ocelot-documentation/docs/tags/tags-exporters.md

@@ -17,10 +17,14 @@ One GET-endpoint to expose data to external applications and one PUT-endpoint to
 The server is by default started on the port `9000` and data can then be accessed or written by 
 calling 'http://localhost:9000/inspectit'
 
-#### Runtime Updates
+#### Production environment
 
-All properties of the HTTP-exporter can be updated during runtime. However, changing properties will result in a server
-restart, which also deletes all data currently stored in the server.
+The Tags HTTP exporter does not provide any encryption of data and does not perform any authentication.
+Thus, this server should not be exposed directly to the public in a production environment.
+It is recommended to set up a proxy in front of this server, which handles encryption and authentication.
+
+The server performs authorization with checking, whether the request origin is allowed to access the server. 
+Additionally, every request has to provide a session-ID to access their own session data.
 
 #### Session identification
 
@@ -43,31 +47,37 @@ Sessions will be deleted after their _time-to-live_ is expired.
 #### Session limits
 
 There are some limitations for every session to prevent excessive memory consumption.
-Every session is able to contain up to **128 data keys**. The maximum length for data keys are **128 chars**. The maximum length for data values are **2048 chars**.
+The length of the session-id is restricted to a minimum of 16 characters and a maximum of 512 characters.
+Furthermore, every session is able to contain up to **128 data keys**. 
+The maximum length for data keys are **128 chars**. The maximum length for data values are **2048 chars**.
+
+#### Runtime Updates
+
+All properties of the HTTP-exporter can be updated during runtime. However, changing properties will result in a server
+restart, which also deletes all data currently stored in the server.
 
 The following properties are nested properties below the `inspectit.exporters.tags.http` property:
 
 | Property             | Default      | Description
 |----------------------|--------------|---|
 | `.enabled`           | `DISABLED`   |If `ENABLED` or `IF_CONFIGURED`, the inspectIT Ocelot agent will try to start the exporter and HTTP server.
-| `.host`              | `0.0.0.0`    |The hostname or network address to which the HTTP server should bind.
+| `.host`              | `127.0.0.1`  |The hostname or network address to which the HTTP server should bind.
 | `.port`              | `9000`       |The port the HTTP server should use.
 | `.path`              | `/inspectit` |The path on which the HTTP endpoints will be available.
 | `.allowed-origins`   | `["*"]`      |A list of allowed origins, which are able to access the http-server.
 | `.session-limit`     | `100`        |How many sessions can be stored in the server at the same time.
 | `.session-id-header` | `Cookie`     |The header, which will be read during propagation to extract the session-ID from
 | `.time-to-live`      | `300`        |How long sessions should be stored in the server in seconds.
 
-
-The data of the HTTP exporter is stored inside internal data storages. Data tags will only be written to the storage
+The data of the HTTP exporter is stored inside internal data storages. Data tags will only be written to the storage,
 if they are enabled for [browser propagation](../instrumentation/rules.md#data-propagation).
 
 ### Client Example
 
 This example should demonstrate, how you can call the REST-API in your frontend application.
 
 ```javascript
-// Send some requests to create data, which can be stored in the Tags HTTP-server
+// Send some requests to transfer the session-id to inspectIT
 callBackend();
 
 // Send GET-request
@@ -177,6 +187,8 @@ paths:
               example: '[{"key1": "value1"}, {"key2": "value2"}]'
         '400':
           description: Failure - Missing session-ID-header
+        '403':
+          description: Forbidden - Not allowed Origin header
         '404':
           description: Failure - Session-ID not found in session-ID-header
     put:
@@ -208,6 +220,8 @@ paths:
           description: Success - Data tags have been written
         '400':
           description: Failure - Invalid request body or missing session-ID-header
+        '403':
+          description: Forbidden - Not allowed Origin header
         '404':
           description: Failure - Session-ID not found in session-ID-header
     options:
@@ -248,7 +262,7 @@ components:
         ID of the current session. The session-ID-header-name can be configured in the InspectIT configuration-server.
         Per default, the Cookie-Header will be used as the session-ID-header.
 
-        The length of the session-id is restricted to a minimum of 64 characters and a maximum of 512 characters.
+        The length of the session-id is restricted to a minimum of 16 characters and a maximum of 512 characters.
       name: Cookie
       in: header
 externalDocs: