I use an AsyncNCSARequestLog with a CGI context which
requires a login/ The login requirement is implemented by adding the
securityHandler block included below to the context file which
configures the CGI servlet.
I've noticed that the request log does not log out the username even when a
user is logged in. Looking into AbstractNCSARequestLog I see the following code.
Authentication authentication = request.getAuthentication();
if (authentication instanceof Authentication.
User)
buf.append(((Authentication.
User)authentication).getUserIdentity().getUserPrincipal().getName());
else
buf.append("-");
Stepping
through with a debugger, I see that I get an authentication object
there of type UserAutentication, and it seems that if the code accepted
that and appended the value of authentication.getUserIdentity().getName() then it would work the way I want.
If
there a good reason that isn't done? Is there a different way I should
configure the login to have the authentication in the expected form?
Obviously
I can write my own RequestLog implementation which does things the way I
want, but it seems like a use case that could be supported in the Jetty code without causing trouble for others.
If I were to propose a patch for this, would it likely be accepted?
Cheers,
Matt
----
<Set name="securityHandler">
<New class="org.eclipse.
jetty.security.ConstraintSecurityHandler">
<Set name="loginService">
<New class="org.eclipse.
jetty.security.HashLoginService">
<Set name="name">Administration</Set>
<Set name="config">PATH/realm.properties</Set>
<Set name="refreshInterval">5</Set>
<Call name="start"/>
</New>
</Set>
<Call name="addConstraintMapping">
<Arg>
<New class="org.eclipse.
jetty.security.ConstraintMapping">
<Set name="pathSpec">/*</Set>
<Set name="constraint">
<New class="org.eclipse.
jetty.util.security.Constraint" id="DefaultSecurityConstraint">
<Set name="authenticate">true</Set>
<Set name="name">BASIC</Set>
<Set name="roles">
<Array type="java.lang.String">
<Item>admin</Item>
</Array>
</Set>
</New>
</Set>
</New>
</Arg>
</Call>
</New>
</Set>