tessl/maven-com-alibaba--druid-spring-boot-starter
Spring Boot starter that provides auto-configuration and integration support for Alibaba Druid database connection pool and monitoring system.
—
Pending
monitoring-integration.mddocs/
Monitoring Integration
The Druid Spring Boot Starter provides comprehensive monitoring capabilities including web-based console, request statistics, and AOP method monitoring with configurable security and filtering options.
Capabilities
StatViewServlet Configuration
Web-based monitoring console that provides real-time database connection pool statistics and SQL execution monitoring.
/**
* Auto-configuration for Druid's web monitoring console
* Only activates when explicitly enabled for security reasons
*/
@ConditionalOnWebApplication
@ConditionalOnProperty(name = "spring.datasource.druid.stat-view-servlet.enabled", havingValue = "true")
public class DruidStatViewServletConfiguration {
/**
* Creates and configures ServletRegistrationBean for StatViewServlet
* Applies security settings including IP filtering and authentication
* @param properties DruidStatProperties containing servlet configuration
* @return Configured ServletRegistrationBean for monitoring console
*/
@Bean
public ServletRegistrationBean statViewServletRegistrationBean(DruidStatProperties properties);
}Key Features:
- Real-time Monitoring: Live database connection pool metrics and SQL statistics
- Security Controls: IP-based access control and login authentication
- Customizable URLs: Configurable servlet mapping patterns
- Reset Functionality: Optional ability to reset monitoring statistics
Configuration Example:
# Enable monitoring console
spring.datasource.druid.stat-view-servlet.enabled=true
spring.datasource.druid.stat-view-servlet.url-pattern=/druid/*
spring.datasource.druid.stat-view-servlet.login-username=admin
spring.datasource.druid.stat-view-servlet.login-password=secure123
spring.datasource.druid.stat-view-servlet.allow=127.0.0.1,10.0.0.0/8
spring.datasource.druid.stat-view-servlet.deny=192.168.0.100
spring.datasource.druid.stat-view-servlet.reset-enable=falseAccess: Once configured, access the monitoring console at http://your-app/druid/index.html
WebStatFilter Configuration
HTTP request statistics collection filter that monitors web application performance and usage patterns.
/**
* Auto-configuration for web request statistics collection
* Only activates when explicitly enabled and in web application context
*/
@ConditionalOnWebApplication
@ConditionalOnProperty(name = "spring.datasource.druid.web-stat-filter.enabled", havingValue = "true")
public class DruidWebStatFilterConfiguration {
/**
* Creates and configures FilterRegistrationBean for WebStatFilter
* Sets up URL patterns, exclusions, and session tracking options
* @param properties DruidStatProperties containing filter configuration
* @return Configured FilterRegistrationBean for web request monitoring
*/
@Bean
public FilterRegistrationBean webStatFilterRegistrationBean(DruidStatProperties properties);
}Monitoring Capabilities:
- Request Statistics: URL access patterns, response times, and error rates
- Session Tracking: User session statistics and behavior analysis
- Performance Metrics: Request duration histograms and throughput metrics
- User Identification: Principal-based user activity tracking
Configuration Example:
# Enable web request monitoring
spring.datasource.druid.web-stat-filter.enabled=true
spring.datasource.druid.web-stat-filter.url-pattern=/*
spring.datasource.druid.web-stat-filter.exclusions=*.js,*.css,*.ico,/druid/*,/static/*
spring.datasource.druid.web-stat-filter.session-stat-enable=true
spring.datasource.druid.web-stat-filter.session-stat-max-count=2000
spring.datasource.druid.web-stat-filter.principal-session-name=user
spring.datasource.druid.web-stat-filter.profile-enable=trueAOP Method Monitoring
Spring AOP integration for monitoring method execution times and call patterns in service and DAO layers.
/**
* Auto-configuration for Spring AOP method monitoring
* Only activates when aop-patterns property is configured
*/
@ConditionalOnProperty("spring.datasource.druid.aop-patterns")
public class DruidSpringAopConfiguration {
/**
* Creates DruidStatInterceptor for method execution monitoring
* @return Advice implementation for AOP method interception
*/
@Bean
public Advice advice();
/**
* Creates RegexpMethodPointcutAdvisor with configured patterns
* @param properties DruidStatProperties containing AOP patterns
* @return Advisor that applies monitoring to matching methods
*/
@Bean
public Advisor advisor(DruidStatProperties properties);
/**
* Creates DefaultAdvisorAutoProxyCreator when Spring AOP auto-proxy is disabled
* Ensures AOP advisors are applied even when auto-proxy is off
* @return Auto-proxy creator for manual AOP configuration
*/
@Bean
@ConditionalOnProperty(name = "spring.aop.auto", havingValue = "false")
public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator();
}Monitoring Features:
- Method Execution Times: Track method call durations and performance bottlenecks
- Call Patterns: Monitor method invocation frequency and usage patterns
- Error Tracking: Capture method execution exceptions and failure rates
- Layered Monitoring: Separate monitoring for service, DAO, and controller layers
Configuration Example:
# Enable AOP method monitoring
spring.datasource.druid.aop-patterns=com.example.service.*,com.example.dao.*,com.example.controller.*Usage Example:
@Service
public class UserService {
// This method will be monitored due to the AOP pattern
public User findById(Long id) {
// Method execution time and call count will be tracked
return userRepository.findById(id);
}
}Monitoring Data Access
Programmatic Access
Access monitoring data programmatically through Druid's management facade:
@RestController
public class MonitoringController {
@GetMapping("/monitoring/datasource")
public Object getDataSourceStats() {
return DruidStatManagerFacade.getInstance().getDataSourceStatDataList();
}
@GetMapping("/monitoring/sql")
public Object getSqlStats() {
return DruidStatManagerFacade.getInstance().getSqlStatDataList();
}
@GetMapping("/monitoring/web")
public Object getWebStats() {
return DruidStatManagerFacade.getInstance().getWebAppStatDataList();
}
}Monitoring Data Types
DataSource Statistics:
- Connection pool metrics (active, idle, wait counts)
- Connection creation and destruction rates
- Query execution statistics
- Error counts and rates
SQL Statistics:
- Individual SQL statement performance
- Execution counts and average times
- Slow SQL identification
- Parameter binding statistics
Web Statistics:
- URL access patterns and response times
- Session statistics and user activity
- Request/response size metrics
- Error rate analysis
Security Configuration
StatViewServlet Security
IP-based Access Control:
# Allow specific IPs
spring.datasource.druid.stat-view-servlet.allow=127.0.0.1,192.168.1.100
# Deny specific IPs (takes precedence over allow)
spring.datasource.druid.stat-view-servlet.deny=192.168.1.200
# Allow IP ranges
spring.datasource.druid.stat-view-servlet.allow=10.0.0.0/8,172.16.0.0/12Authentication:
# Required credentials for console access
spring.datasource.druid.stat-view-servlet.login-username=admin
spring.datasource.druid.stat-view-servlet.login-password=${DRUID_ADMIN_PASSWORD}Reset Protection:
# Disable reset functionality in production
spring.datasource.druid.stat-view-servlet.reset-enable=falseWebStatFilter Privacy
URL Exclusions:
# Exclude sensitive or unnecessary endpoints
spring.datasource.druid.web-stat-filter.exclusions=*.js,*.css,*.ico,/druid/*,/admin/*,/api/internal/*Session Privacy:
# Limit session tracking scope
spring.datasource.druid.web-stat-filter.session-stat-max-count=1000
spring.datasource.druid.web-stat-filter.principal-session-name=usernameProduction Considerations
Performance Impact
- Minimal Overhead: Druid monitoring has minimal performance impact
- Configurable Depth: Control monitoring granularity through configuration
- Resource Management: Automatic cleanup of old statistics data
Security Best Practices
- Disable in Development: Keep StatViewServlet disabled by default
- Strong Authentication: Use strong passwords and consider additional authentication layers
- Network Isolation: Restrict access to monitoring endpoints via firewall rules
- HTTPS Only: Ensure monitoring console is only accessed over HTTPS in production
- Regular Auditing: Monitor access logs for unauthorized access attempts
Monitoring Configuration Examples
Development Environment:
spring:
datasource:
druid:
stat-view-servlet:
enabled: true
login-username: dev
login-password: dev123
allow: 127.0.0.1
reset-enable: true
web-stat-filter:
enabled: true
exclusions: "*.js,*.css,*.ico,/druid/*"
aop-patterns: com.example.service.*Production Environment:
spring:
datasource:
druid:
stat-view-servlet:
enabled: true
login-username: ${DRUID_USERNAME}
login-password: ${DRUID_PASSWORD}
allow: ${MONITORING_ALLOWED_IPS}
reset-enable: false
url-pattern: /internal/druid/*
web-stat-filter:
enabled: true
exclusions: "*.js,*.css,*.ico,/druid/*,/static/*,/actuator/*"
session-stat-max-count: 5000
aop-patterns: com.example.service.*,com.example.dao.*Install with Tessl CLI
npx tessl i tessl/maven-com-alibaba--druid-spring-boot-starter