Hi Richard,
did you try using the monitoring module, in "audit" mode? It will logs all
sorts of details about the requests
you're getting, regardless if they are post or get, including the username
(but I don't know if it works
fine with LDAP auth).

See:
http://docs.geoserver.org/latest/en/user/extensions/monitoring/index.html
https://geoserver.geo-solutions.it/edu/en/adv_gsconfig/monitoring.html

Cheers
Andrea

On Thu, Sep 13, 2018 at 9:56 AM Richard Duivenvoorde <rdmaili...@duif.net>
wrote:

> Hi List,
>
> We are experimenting here with the LDAP authentication provider against
> the Windows Active Directory. All works fine!!
>
> It is easy to ask for authorisation for a layer, and giving access via
> 'groups' instead of individual users is a nice thing.
>
> BUT we also want to see in either Tomcat or Geoserver log files WHO is
> asking for certain layers. So we want to log the username.
>
> It's only internal use, so it's not even over https, so I can see the
> base64 username:password headers going over the line.
>
> But whatever I try (custom Valves for Tomcat) different log formats for
> the (Apache) reverse proxy, I keep getting "- -" in logs instead of
> seeing the username.
>
> So Question: is it possible to let Geoserver/Tomcat/Apache log the
> username somewhere? I did a lot of googling, and found a lot of
> 'answers', but nothing works in my situation.
>
> Any hint/clue?
> Anybody is able to log usernames?
>
> Regards,
>
> Richard Duivenvoorde
>
> PS I'm pretty sure I asked something like this some years ago, and think
> that Andrea answered something along the lines "difficult", but I cannot
> find that Q/A anymore.
>
> PS2 I think for governmental organisations in EU it will be more and
> more important to be able to hand over clear logs in case of privacy
> breaches nowadays. Usernames are an important part in that case.
>
>
> _______________________________________________
> Geoserver-devel mailing list
> Geoserver-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/geoserver-devel
>


-- 

Regards, Andrea Aime == GeoServer Professional Services from the experts!
Visit http://goo.gl/it488V for more information. == Ing. Andrea Aime
@geowolf Technical Lead GeoSolutions S.A.S. Via di Montramito 3/A 55054
Massarosa (LU) phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339
8844549 http://www.geo-solutions.it http://twitter.com/geosolutions_it
------------------------------------------------------- *Con riferimento
alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 -
Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni
circostanza inerente alla presente email (il suo contenuto, gli eventuali
allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i
destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per
errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le
sarei comunque grato se potesse darmene notizia. This email is intended
only for the person or entity to which it is addressed and may contain
information that is privileged, confidential or otherwise protected from
disclosure. We remind that - as provided by European Regulation 2016/679
“GDPR” - copying, dissemination or use of this e-mail or the information
herein by anyone other than the intended recipient is prohibited. If you
have received this email by mistake, please notify us immediately by
telephone or e-mail.*
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

Reply via email to