-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 George,
On 11/16/2009 11:35 AM, George Sexton wrote: > Uh, if the Access Log Value logged before the request was complete, how > would it know the number of bytes written to log? If you read the whole first post, you'd see that I mentioned that. - -chris > > George Sexton > MH Software, Inc. > http://www.mhsoftware.com/ > Voice: 303 438 9585 > > >> -----Original Message----- >> From: Jason Brittain [mailto:jason.britt...@mulesource.com] >> Sent: Friday, November 13, 2009 7:12 PM >> To: Tomcat Users List >> Subject: Re: AccessLogValve calling order >> >> Hi Chris. >> >> Thanks for diagnosing this problem! It appears you're right that it >> logs >> only after the session is invalidated (after the request is complete) >> on a >> logout request. That bug has existed in the code for a very long time, >> unnoticed. The AccessLogValve was initially implemented to log only >> after >> the request processing is complete so that the client never needs to >> wait >> for the logging to complete. With the new addition of asynchronous >> logging, >> however, it's quite a bit less important to log only when the request >> is >> complete. It seems like it would help if the access logger could be >> configurable to log either before or after handling the request (I'm >> not >> sure logging both before and after makes sense). Your ideas for %Sr >> and >> %{methodName}rm both seem useful as well, though I think the >> %{methodName}rm >> one has potential security & side effect issues. So, I would suggest >> implementing your first two ideas. I'm also happy to help you with >> that, if >> you'd like. >> >> Cheers. >> -- >> Jason Brittain >> MuleSoft <http://www.mulesoft.com> >> >> >> On Fri, Nov 13, 2009 at 2:22 PM, Christopher Schultz < >> ch...@christopherschultz.net> wrote: >> >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> All, >>> >>> Amazingly enough, I had my first need to use AccessLogValve today, >> and >>> one of the things I wanted to print was the user's session id. No, >>> problem: just add "%S" to the log pattern. >>> >>> Well, there is one problem: you can't spit-out the session id for >> logout >>> requests because the logic for the AccessLogValve is: >>> >>> if(enabled) >>> invoke next valve >>> print log message >>> else >>> invoke next valve >>> >>> Note that the request has essentially completed when the log message >> is >>> generated. This makes complete sense as you typically want to log >>> /after/ the request so you can do things like find out how many bytes >>> were sent, how long the request took, etc. >>> >>> In my case, I want to have access to the session id before the >> session >>> is invalidated (which happens in the logout servlet). >>> >>> Another option would be to get the requested session id from the >> request >>> (which can only be done with the current AccessLogValve if the client >> is >>> using cookies), though that can be misleading because anyone can >> request >>> anything... it's not guaranteed to use a useful value. >>> >>> Anyhow, I was wondering if anyone had any suggestions short of >> heavily >>> modifying the AccessLogValve or developing something from scratch. >>> >>> I'd also be happy to provide a patch for the AccessLogValve that add >> any >>> or all of the following capabilities: >>> >>> 1. Allow log before or after request (or both?) >>> 2. Add requested session id to standard pattern options (%Sr?) >>> or >>> 3. Add %{xxx}rm to call ServletRequest.xxx and print the result >>> (allows ${getRequestedSessionId}rm >>> >>> Any comments? >>> >>> Thanks, >>> - -chris >>> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksBu44ACgkQ9CaO5/Lv0PAw4wCguv7l9vhQnpzPn8yNKYLR6GQw P/YAn2Xhaz3AzZad0J+/5eAxmIXph2C6 =ZMwX -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org