I am working on a system that has key requirements for XML security and long-term auditing (storing and retrieval of HTTP request info and SOAP requests/responses). I am wondering if anyone out there would care to comment on best practices for this sort of project, pitfalls to be aware of, open-source tools that came in handy (e.g. for administrating and managing archives of old logs and XML files), any other advice you would like to share?
I'm hoping this thread can turn into a reference point for people who need to keep a full SOAP request to response audit trail. thx a
