Feature #5481
Implement meaningful logging for security / authentication
| Status: | Resolved | Start date: | 2009-11-24 | |
|---|---|---|---|---|
| Priority: | Should have | Due date: | ||
| Assigned To: | Robert Lemke | % Done: | 100% |
|
| Category: | Security | |||
| Target version: | TYPO3 Flow Base Distribution - 1.0 alpha 7 | |||
| PHP Version: | Complexity: | |||
| Has patch: |
Description
Finding out what's wrong during the authentication process can be cumbersome due to its complexity. Therefore we need some meaningful logging which helps debugging new client code (or the security framework itself) and at the same time audit the authentication mechanism of an application.
Logging should be implemented as an aspect. Advices should only be active if this is required by current logging threshold.
Associated revisions
[+API] FLOW3 (AOP): Added the JoinPoint class to the supported API. Also added a new method "hasException()" to the JoinPoint implementation. Resolves #5480
[~TASK] FLOW3 (Cache): Set the log level of flushCachesByTag to DEBUG
[~FEATURE] FLOW3 (Security): Implemented a logging aspect which currently logs all relevant actions of the authentication mechanism. The advices are currently active regardless of the configured logging threshold. Addresses #5481
[~TASK] FLOW3 (Security): Removed getSecurityContext() from the Authentication Manager Interface – it was not used anywhere.
[~CONFIGURATION] FLOW3 (Security): Removed the requestPatterns configuration from the default security configuration. This configuration was only an example and got in the way if one wanted to reuse the DefaultProvider configuration for other login controllers.
[~TASK] Fluid (ViewHelpers): Corrected some inline documentation in the FormViewHelper
History
#1 Updated by Robert Lemke over 5 years ago
- % Done changed from 0 to 90
#2 Updated by Robert Lemke over 5 years ago
- Status changed from Accepted to Resolved
- % Done changed from 90 to 100