Move HTTP access logs to data/log directory

namanONcode · namanONcode · commit 0a600c04a648 · 2026-02-04T20:10:51.000+05:30
Closes keycloak#45629 Signed-off-by: NAMAN JAIN <naman.049259@tmu.ac.in>
diff --git a/quarkus/runtime/src/main/resources/application.properties b/quarkus/runtime/src/main/resources/application.properties
@@ -7,7 +7,7 @@ quarkus.banner.enabled=false
 
 # Set Keycloak category for HTTP access log
 quarkus.http.access-log.category=org.keycloak.http.access-log
-quarkus.http.access-log.log-directory=${kc.home.dir:default}${file.separator}data
+quarkus.http.access-log.log-directory=${kc.home.dir:default}${file.separator}data${file.separator}log
 
 # Enables metrics from other extensions if metrics is enabled
 quarkus.datasource.metrics.enabled=${quarkus.micrometer.enabled:false}
diff --git a/quarkus/tests/integration/src/test/java/org/keycloak/it/cli/dist/LoggingDistTest.java b/quarkus/tests/integration/src/test/java/org/keycloak/it/cli/dist/LoggingDistTest.java
@@ -293,7 +293,7 @@ protected static String readDefaultFileLog(RawDistRootPath path) {
     }
 
     protected static String readHttpAccessLogFile(RawDistRootPath path, String logName) {
-        return readFile(path.getDistRootPath() + File.separator + "data" + File.separator + logName, "HTTP Access log");
+        return readFile(path.getDistRootPath() + File.separator + "data" + File.separator + "log" + File.separator + logName, "HTTP Access log");
     }
 
     protected static String readFile(String path, String fileType) {
@@ -314,29 +314,33 @@ protected static String readFile(String path, String fileType) {
     void httpAccessLogNotNamedPattern(CLIResult cliResult, KeycloakDistribution dist, RawDistRootPath path) {
         when().get("http://127.0.0.1:8080/realms/master/.well-known/openid-configuration").then()
                 .statusCode(200);
-        cliResult.assertMessage("[org.keycloak.http.access-log]");
-        cliResult.assertMessage("127.0.0.1 GET /realms/master/.well-known/openid-configuration");
+        Awaitility.await().atMost(5, TimeUnit.SECONDS).untilAsserted(
+                () -> cliResult.assertMessage("[org.keycloak.http.access-log]"));
+        Awaitility.await().atMost(5, TimeUnit.SECONDS).untilAsserted(
+                () -> cliResult.assertMessage("127.0.0.1 GET /realms/master/.well-known/openid-configuration"));
 
         when().get("http://127.0.0.1:8080/realms/master/clients/account/redirect").then()
                 .statusCode(200);
         cliResult.assertNoMessage("127.0.0.1 GET /realms/master/clients/account/redirect");
 
         // file
-        cliResult = dist.run("start-dev", "--http-access-log-enabled=true", "--http-access-log-file-enabled=true", "--http-access-log-pattern='%A %{METHOD} %{REQUEST_URL} %{i,User-Agent}'", "--http-access-log-exclude=/realms/master/clients/.*");
-        cliResult.assertStartedDevMode();
+        CLIResult fileCliResult = dist.run("start-dev", "--http-access-log-enabled=true", "--http-access-log-file-enabled=true", "--http-access-log-pattern='%A %{METHOD} %{REQUEST_URL} %{i,User-Agent}'", "--http-access-log-exclude=/realms/master/clients/.*");
+        fileCliResult.assertStartedDevMode();
         when().get("http://127.0.0.1:8080/realms/master/.well-known/openid-configuration").then()
                 .statusCode(200);
-        cliResult.assertNoMessage("[org.keycloak.http.access-log]");
-        cliResult.assertNoMessage("127.0.0.1 GET /realms/master/.well-known/openid-configuration");
+        fileCliResult.assertNoMessage("[org.keycloak.http.access-log]");
+        fileCliResult.assertNoMessage("127.0.0.1 GET /realms/master/.well-known/openid-configuration");
 
         when().get("http://127.0.0.1:8080/realms/master/clients/account/redirect").then()
                 .statusCode(200);
-        cliResult.assertNoMessage("127.0.0.1 GET /realms/master/clients/account/redirect");
+        fileCliResult.assertNoMessage("127.0.0.1 GET /realms/master/clients/account/redirect");
 
-        String data = readHttpAccessLogFile(path, "keycloak-http-access.log");
-        assertNotNull(data);
-        assertThat(data, containsString("127.0.0.1 GET /realms/master/.well-known/openid-configuration"));
-        assertThat(data, not(containsString("127.0.0.1 GET /realms/master/clients/account/redirect")));
+        Awaitility.await().atMost(5, TimeUnit.SECONDS).untilAsserted(() -> {
+            String data = readHttpAccessLogFile(path, "keycloak-http-access.log");
+            assertNotNull(data);
+            assertThat(data, containsString("127.0.0.1 GET /realms/master/.well-known/openid-configuration"));
+            assertThat(data, not(containsString("127.0.0.1 GET /realms/master/clients/account/redirect")));
+        });
     }
 
     @Test
@@ -351,10 +355,12 @@ void httpAccessLogFile(CLIResult cliResult, RawDistRootPath path) {
                 .statusCode(200);
         cliResult.assertNoMessage("http://127.0.0.1:8080/realms/master/clients/account/redirect");
 
-        String data = readHttpAccessLogFile(path, "my-custom-http-access.txt");
-        assertNotNull(data);
-        assertThat(data, containsString("GET /realms/master/.well-known/openid-configuration HTTP/1.1"));
-        assertThat(data, containsString("GET /realms/master/clients/account/redirect"));
+        Awaitility.await().atMost(5, TimeUnit.SECONDS).untilAsserted(() -> {
+            String data = readHttpAccessLogFile(path, "my-custom-http-access.txt");
+            assertNotNull(data);
+            assertThat(data, containsString("GET /realms/master/.well-known/openid-configuration HTTP/1.1"));
+            assertThat(data, containsString("GET /realms/master/clients/account/redirect"));
+        });
     }
 
     // Telemetry Logs
