Forum OpenACS Q&A: Re: Monitoring user activity

5: Re: Monitoring user activity (response to 1)

Posted by Alfred Werner on 04/18/03 04:11 AM

The gaping hole with using the logfile is that cookie-based authentication basically makes the user/group fields of a common log just appear as an unauthenticated access. Nsperm based access writes those fields but basically noone uses aolserver in that way. A little wish-list dream of mine is to have the cookie-derived user and group passed back into the HTTP headers after authentication, but before the log is written.

If 'activity' in general is the goal then logs will probably be a good starting point, but if you mean 'who did what when', then that approach is currently a dead end.

6: Re: Monitoring user activity (response to 5)

Posted by Tilmann Singer on 04/18/03 09:02 AM

Alfred, have you seen this thread about getting the user_id in the access log? https://openacs.org/forums/message-view?message_id=19404

7: Re: Monitoring user activity (response to 5)

Posted by Andrew Piskorski on 04/18/03 09:08 AM

Alfred, not at all. It is easy to set up things up so AOLserver logs the OpenACS user_id to the access log for every single hit. I've done it on sites I've run.

As far as I know, Vadim Nasardinov first came up with the method, back when we worked together at aD. :) It's since been discussed several more times.

Hm, maybe I should add this to the toolkit, with a simple config switch to turn it on/off...

8: Re: Monitoring user activity (response to 7)

Posted by Andrew Piskorski on 04/18/03 09:11 AM

Or rather I should have said, "Alfred, your wish is granted!" :)

9: Re: Monitoring user activity (response to 8)

Posted by Alfred Werner on 04/19/03 06:57 AM

W00+!! Amazing what can happen when you mutter your inner thoughts out loud :)