Forum OpenACS Q&A: Re: Monitoring user activity

Collapse
Posted by Alfred Werner on
The gaping hole with using the logfile is that cookie-based authentication basically makes the user/group fields of a common log just appear as an unauthenticated access. Nsperm based access writes those fields but basically noone uses aolserver in that way. A little wish-list dream of mine is to have the cookie-derived user and group passed back into the HTTP headers after authentication, but before the log is written.

If 'activity' in general is the goal then logs will probably be a good starting point, but if you mean 'who did what when', then that approach is currently a dead end.

Collapse
Posted by Tilmann Singer on
Alfred, have you seen this thread about getting the user_id in the access log? https://openacs.org/forums/message-view?message_id=19404
Collapse
Posted by Andrew Piskorski on
Alfred, not at all. It is easy to set up things up so AOLserver logs the OpenACS user_id to the access log for every single hit. I've done it on sites I've run.

As far as I know, Vadim Nasardinov first came up with the method, back when we worked together at aD. :) It's since been discussed several more times.

Hm, maybe I should add this to the toolkit, with a simple config switch to turn it on/off...

Collapse
Posted by Andrew Piskorski on
Or rather I should have said, "Alfred, your wish is granted!" :)
Collapse
Posted by Alfred Werner on
W00+!! Amazing what can happen when you mutter your inner thoughts out loud :)