On Tue, 24 Jan 2006, Jim Fulton wrote: > Phillip J. Eby wrote: > ... > > I'm pointing out that the use case under consideration isn't specific > > *enough* yet. Do people's log files support unicode? Do the > > authentication systems? This hasn't been made clear, and it should be. > > I agree. I think we should be guided by the common log file format. > Log data are written to files and are thus not unicode. The user > info is *just* documentation, so it is really up to the app what to > show imo. Further, because the common log file format is space > delimited, the user info cannot contain spaces.
I'm curious. Suppose that a subset of your site or application requires users to log in through an HTML form, but that for some reason there's also a general HTTP authentication username and password over the whole system. Which username should the web server log? I think you guys are trying to solve this at the wrong level. This problem should be handled by the web server itself. Even if you want to use your own custom forms, there is already a really nice solution to this problem for apache: http://aspn.activestate.com/ASPN/CodeDoc/Apache-AuthCookie/AuthCookie.html If a particular webserver doesn't allow this sort of approach, then maybe the work should be done there? Meanwhile, you can always do your own logging for the events you actually want to record at the application layer. Maybe I just don't understand why this is important. Can someone (Jim) explain why this is a requirement in the first place? Sincerely, Michal J Wallace Sabren Enterprises, Inc. ------------------------------------- contact: [EMAIL PROTECTED] hosting: http://www.cornerhost.com/ my site: http://www.withoutane.com/ ------------------------------------- _______________________________________________ Web-SIG mailing list Web-SIG@python.org Web SIG: http://www.python.org/sigs/web-sig Unsubscribe: http://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
