AuditHandler cannot logged request, response, query parameters if response is sent by a framework middleware handler #840
Assignees
Labels
enhancement
Issue: Enhancement
Comments
|
@jiachen1120 I would prefer the second option and still position the dump handler as a debugging tool for the dev environment as it is too heavy. @miklish What do you think? |
|
@stevehu Yeah. Acctually the second situation already can fulfill our customer's requirements. Just wondering will it be useful if we also added dumpped request and response into auditMap in dev environment when people enable dumpped handler for debugging? I personally think option2 should be enough. @miklish Looking forward to your opinion. |
|
I prefer option 2 as well @stevehu @jiachen1120 |
jiachen1120
added a commit
that referenced
this issue
Dec 3, 2020
Merged
stevehu
pushed a commit
that referenced
this issue
Dec 9, 2020
stevehu
pushed a commit
that referenced
this issue
Dec 9, 2020
younggwon1
pushed a commit
to younggwon1/light-4j
that referenced
this issue
Feb 10, 2024
* - solved networknt#840 - audit request if bodyHandler enabled - audit query parameters if request contains it - audit response on error * - auditing all request components - auditing serviceId * - added more test cases
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The current design of the audit handler is that users implement their own way to audit their requests and response in their own handler.
However, it seems if the response is sent by framework middleware handler, people may be hard to auditing the request and response. For example, if openapi validation error happen, status will be sent back but this response won't be auditted.
Probably we can provide a option to users to audit these kind of request and response.
There are two situation:
The text was updated successfully, but these errors were encountered: