-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Rich,
On 9/29/2011 12:18 PM, Richard Sayre wrote: > Thanks, I'm trying to log the user name. I am not using Tomcat > for authentication and I need that info in my access logs. So, that means that %u isn't an option, then? :( > Perhaps I will create a new attribute to hold that value rather > than accessing the object I have in session and calling toString. You have a couple of options, here: 1. Write a Filter that wraps HttpServletRequest and overrides the getRemoteUser to return userObject.getUserId. Then, use "%u" in your access log pattern. 2. Write a Filter that checks the session for "userObject" and no "userId", and sets "userId" as appropriate. 3. Modify your login process to set both "userObject" and, say, "userId" in the session. I would say those are in order of easiest-to-hardest. > On that note if I know the username, is it possible to somehow > inject it so that Tomcat logs it using the %u pattern. Yup, see above. > Previously we used Tomcats built in authentication but we recently > switched to Spring Security. If I could still use %u, then I > could use the 'common' pattern and in turn use > FastCommonAccessLogValve. If not I will use the HTTP Session. Hmm.... I'm surprised that Spring Security doesn't better integrate with the container in order to provide ServletRequest.getPrincipal and ServletRequest.getRemoteUser. I wonder if there is a Filter that already exists in Spring Security that would do what I suggested in #1. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk6Er6AACgkQ9CaO5/Lv0PB+FACgqb6s6BSBcoiMf4Ka1+awxArC UHoAnR0LSUHNGRnuyHSpvW7vEYONDJuK =NFZ/ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org