This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "ESAPI Logging"
From OWASP
Alexsmolen (talk | contribs) (→Possible Enhancements) |
Alexsmolen (talk | contribs) (→Feature Overview) |
||
| Line 1: | Line 1: | ||
== Feature Overview == | == Feature Overview == | ||
| − | The ESAPI Logger should promote secure logging functionality while allowing organizations to choose their own logging framework. | + | The ESAPI Logger should promote secure logging functionality while allowing organizations to choose their own logging framework. The primary benefit of the ESAPI Logger is the addition of relevant security information to the log message and the use of specific tags that allow log messages to be identified as SECURITY related (as opposed to FUNCTIONAL, PERFROMANCE, etc). |
== Possible Enhancements == | == Possible Enhancements == | ||
Revision as of 14:52, 11 December 2008
Feature Overview
The ESAPI Logger should promote secure logging functionality while allowing organizations to choose their own logging framework. The primary benefit of the ESAPI Logger is the addition of relevant security information to the log message and the use of specific tags that allow log messages to be identified as SECURITY related (as opposed to FUNCTIONAL, PERFROMANCE, etc).
Possible Enhancements
- Remove LogFactory interface. The ESAPI is a factory itself that can be used to select a logging implementation.
- Change default log behavior to use classes rather than module names.
