Re: [Pki-devel] [PATCH] enable tomcat access log

On 10/8/2013 4:28 PM, Andrew Wnuk wrote: ACK. There's one interesting thing. By default the access log will include the remote (authenticated) user (see http://tomcat.apache.org/tomcat-7.0-doc/config/valve.html#Access_Log_Valv...). For CLI operations the remote user is logged correctly. However, for UI operations the remote user will be blank. This is probably because the old servlets are not using the J2EE authentication. Once the UI is re-implemented using REST it should log the remote user correctly. But legacy clients or console accessing the old servlets will still have the same issue unless we re-implement the authentication mechanism for the servlets. -- Endi S. Dewata