Feature #9536

Improve logging of security related events

Added by Robert Lemke about 9 years ago. Updated about 9 years ago.

Status:
Resolved
Priority:
Should have
Assignee:
Category:
Security
Start date:
2010-08-31
Due date:
% Done:

100%

PHP Version:
Has patch:
Complexity:

Description

Security related actions and events should be logged into its own file / backend because

  1. they log data might be sensitive
  2. important information might drown in the amount of other messages

Additionally I'd like to see some hint if a user logged in or was re-authenticated due to an active token found in the session.

Associated revisions

Revision 84bb2483 (diff)
Added by Robert Lemke about 9 years ago

[+FEATURE] FLOW3 (Security): Security events are logged to own file and more verbosively

Aside from the FLOW3 system log - whose file name is now "System.log" -
FLOW3 now writes security related log messages into its own log file
called "Security.log".

Furthermore, the logging advices now report more detailed information
about re-authentication and authentication redirects.

Change-Id: I8e59c1493ee55c01b3c13ec94cbefa42b1341c08
Resolves: #9536

History

#1 Updated by Robert Lemke about 9 years ago

  • Status changed from Accepted to Resolved
  • % Done changed from 0 to 100

Also available in: Atom PDF