Utility Servlets Packaged with Bloomreach Experience Manager
Introduction
In addition to the CMS and Console application two servlets are bundled with Bloomreach Experience Manager which are active by default (unless you have a custom WEB-INF/web.xml or have copied the original WEB-INF/web.xml into your own packaging).
Servlets
The following servlets are packaged with Bloomreach Experience Manager:
- LoggingServlet
By default deployed on <context-root>/logging/
Provides access to and control over the logging information written in log files. This servlet is not required but is especially useful for test environments and problem solving when no full access is available to the system. Via the <context-root>/logging browser interface you can only change the log level of a specific (class) logger.
If you want to change the log level of a logger configured in log4j2.xml, for example you want to set <logger name="org.hippoecm.hst" level="info"> to debug, you can request:<context-root>/logging/?ll=org.hippoecm.hst:DEBUG
Setting the package-level log levels like above only works if there is a corresponding entry in log4j2.xml. - RepositoryServlet
By default deployed on <context-root>/repository/
Runs the content repository and provides a simple browse interface through authorised access. -
PingServlet
By default deployed on <context-root>/ping/
Simple servlet to check if the content repository is up and running. If everything is as it should be it will return the following message:OK - Repository online and accessible.
Both the CMS (authoring) and HST (delivery) applications provide a PingServlet on <context-root>/ping/.Since CMS 12.2, the HST (delivery) application ships with a PingFilter which is preferrable over the PingServlet.
Security notes
You can choose to modify all deployment paths under a common path, such as <context-root>/admin/repository, <context-root>/admin/logging and then use your application container to restrict the access to all of the <context-root>/admin. Without any restriction these servlets are open to anyone and even though your content is secured by means of basic authentication, you might want to hide information such as current memory usage of the system. By placing the above servlets under a common path and placing administration rules in your application container you can restrict the access to only access from your own intranet or with more extensive authentication requirements. Note that the LoggingServlet may be removed all together, but it can be an invaluable asset when problem-solving.