Ticket #2273 (new defect)

Opened 9 years ago

Last modified 9 years ago

User name not logged in access log with CPSExtendedAuth

Reported by: gracinet Owned by: madarche
Priority: P2 Milestone: CPS 3.5.7
Component: CPSExtendedAuth Version: 3.5.1
Severity: normal Keywords:


In the Zope access log (usually in log/Z2.log), we have information similar to Apache's access logs, =together with the id of the current authenticaded user, if any. Actually this is done by the underlying Medusa server, which logs automatically what's found in the Authorization HTTP header (basic authentication). The CMF cookie crumbler actually cheats on it so that the proper id gets in the log (there's no basic auth in that context, of course). There is nothing of that kind in CPSExtendedAuth. Therefore, the user id is lost for the logs.

The switch user feature of CPSUserFolder should also do what's necessary, so that the information is correct in the logs. This might be important for accounting reasons.

Therefore, this should probably be CPSUserFolder's job to guarantee that

Change History

comment:1 Changed 9 years ago by gracinet

  • Owner changed from gracinet to madarche
  • Component changed from CPSUserFolder to CPSExtendedAuth

Actually, I double checked: with the switch user feature, the primary user is logged (header hack is before the switch). Workflow history is obviously a different matter.

comment:2 Changed 9 years ago by gracinet

I've got local mod for this, will test it on a real instance with cleartrust auth tomorrow.

Note: See TracTickets for help on using tickets.