[Zope-dev] WSGI access log user info howto?

Thu Apr 2 02:27:39 EDT 2009

Hi Alex

> Betreff: Re: WSGI access log user info howto?
> 
> A branch containing this refactoring named 
> 'achapman__username_logging now exists in the zope.app.wsgi 
> directory. I'll be merging it today and tagging a release if 
> it appears acceptable.

This looks good to me. Can you add a test for the new
logging part? Or let me know if I can do it for you.

Regards
Roger Ineichen

> - Alex Chapman
> 
> 
> On Tue, Mar 31, 2009 at 10:00 PM, Alex Chapman 
> <achap5dk at gmail.com> wrote:
> 
> 
> 	This would work great for my own needs if its acceptable with 
> 	everyone else. 
> 	
> 	Thanks for the help on this. In the future I'll do work 
> on a branch and
> 	request a review from all those on the owner list 
> before merging,
> 	tagging, and releasing.
> 	
> 	-Alex Chapman
> 	
> 	On Wed, 2009-04-01 at 03:30 +0200, Roger Ineichen wrote:
> 	> Hi all
> 	> 
> 	> Shane,
> 	> any idea about the following which whould also
> 	> affect the zope.pipeline or the zope.publisher refactoring?
> 	> 
> 	> I need some advice for the access log topic in wsgi.
> 	> 
> 	> 
> 	> The zope http server logs access in zope.publisher.http
> 	> like:
> 	> 
> 	> def setPrincipal(self, principal):
> 	>     'See IPublicationRequest'
> 	>     super(HTTPRequest, self).setPrincipal(principal)
> 	>     logging_info = ILoggingInfo(principal, None)
> 	>     if logging_info is None:
> 	>         message = '-'
> 	>     else:
> 	>         message = logging_info.getLogMessage()
> 	>     self.response.authUser = message
> 	> 
> 	> This means there is a ILoggingInfo adapter which returns
> 	> a simple string. ASCII and no space are preffered because
> 	> the standard access log format uses space aas delimiter.
> 	> And access lgo fiels are not unicode.
> 	> 
> 	> Of corse the ILoggingInfo adapter is responsible for 
> 	> choose the right format for each project. A default
> 	> is configured in zope.publisher.principallogging
> 	> PrincipalLogging
> 	> 
> 	> Now to the question.
> 	> 
> 	> In the latest checkins there was a access log part
> 	> implemented. It doesn't use the ILoggingInfo adapter and
> 	> is exposing the user login which is a part of the security
> 	> credential. This get already released. (not good)
> 	> 
> 	> Is there a standard how WSGI apps will log user info in
> 	> access logs? I guess not, right?
> 	> 
> 	> Does someone have a good idea how we should implement
> 	> user access info for access logs in zope.app.wasg?
> 	> 
> 	> If not, I propose the following:
> 	> 
> 	> logging_info = ILoggingInfo(request.principal, None)
> 	> if logging_info is None:
> 	>     message = '-'
> 	> else:
> 	>     message = logging_info.getLogMessage()
> 	> environ['wsgi.logging_info'] = message
> 	> 
> 	> 
> 	> - this will set a ``wsgi.logging_info``  environ
> 	>   variable (or is there already a standard name)?
> 	> 
> 	> - it uses the ILoggingInfo adapter which let us use
> 	>   different kind of access log info strategies in 
> 	>   custom projects. By default we should use the 
> 	>   PrincipalLogging adapter form 
> zope.publisher.principallogging.
> 	> 
> 	> Does anybody have a better idea how we can make the user
> 	> info available for the access log?
> 	> 
> 	> Alex whould this fit for you?
> 	> 
> 	> 
> 	> Regards
> 	> Roger Ineichen
> 	> _____________________________
> 	> END OF MESSAGE
> 	> 
> 	
> 
> 
> 