Grails 2.5: how to propogate the IP address down to service layer?

Question

The controller layer can get the IP using request.getRemoteAddr() and/or request.getHeader("Client-IP") etc.

However, down in the bowels of the service layer, we might want to log some detected or suspected fraudulent activity by the user, along with the IP address of the user. However, the IP is not available to the service layer, nor is the request.

Obviously, every call from every controller method to every single service method could also pass in the IP or the request, but as we have thousands of these calls and lots of chains of them, it is not really practical.

Can anyone think of a better way?

As we are not in charge of instantiation of the services (these just get magically injected), we can't even pass the IP in when each service is created for the current HTTP call.

UPDATE 1

As suggested, tried the MDC route. Unfortunately, this does not seem to work.

in filter:

import org.apache.log4j.MDC
class IpFilters  {

def filters = {

    all() {
        before = {
            MDC.put "IP", "1.1.1.1"
            println "MDC.put:" + MDC.get("IP")
        }
        afterView = { Exception e ->
            println "MDC.remove:" + MDC.get("IP")
            MDC.remove 'IP'
        }
}

in service:

import org.apache.log4j.MDC
:
def someMethod() {
    String ip = MDC.get("IP")
    println("someMethod: IP = $ip")
}

The result is always:

MDC.put:1.1.1.1
MDC.remove:1.1.1.1
someMethod: IP = null

So the service cant access MDC variables put on the thread in the filter, which is a real shame. Possibly the problem is that "someMethod" is actually called by springSecuirty.

Answer 1

Well, it is highly recommended that we should keep the business logic aware of the controller logic. But keeping your situation in mind, you have to do that and absolutely available. In your service method, write this to log the IP address of the current request:

import org.springframework.web.context.request.RequestContextHolder

// ... your code and class

def request = RequestContextHolder.currentRequestAttributes().getRequest()
println request.getRemoteAddr()

Just make sure, you handle the whatever exception thrown from that line when the same service method is invoked from outside a Grails request context like from a Job.