Conversation
| @Override | ||
| public boolean handleSecurity(HttpServletRequest request, | ||
| HttpServletResponse response) { | ||
| if(request.getHeader("x-request-id") != null) { |
There was a problem hiding this comment.
In my opinion the value of "x-request-id" should be configurable. If blank, don't set the thread name.
Also note that on Jetty the thread name includes the request method and path, with this change this information is lost, unless it is in the special header.
There was a problem hiding this comment.
The request path and method would still persist as we are not overriding the function call made here https://github.com/apache/sling-org-apache-sling-engine/blob/master/src/main/java/org/apache/sling/engine/impl/SlingMainServlet.java#L107 but instead we are simply adding the ability to trace the authentication logs to the edge logs allowing for visibility into the authentication process.
|
|
I agree with the premise of logging a request ID. However, I would prefer an approach based on logback's MDC, which is more versatile and keeps this as an orthogonal concern. I think @nscendoni is working towards such an approach. |
|
2 participants
No description provided.