All, For reference: https://bz.apache.org/bugzilla/show_bug.cgi?id=59750
I've got a proposal (in patch form) attached to that BZ issue. Ralf's enhancement request is fairly terse, but this is something I'd like to have as well. The requirement is to be able to log failed authentication attempts. As it stands, using container-managed authentication does not allow this (as far as I can tell). My proposal is essentially a new listener interface that authenticator classes will invoke (if registered) when an authentication event occurs (success or failure). The Request object and username are currently arguments to the two methods on the interface. You can read the entire current path without even scrolling your screen. Before attempting to publish a more complete patch, I wanted to know if there was any appetite for this kind of thing, or any objections. Thanks, -chris
signature.asc
Description: OpenPGP digital signature
