Index: lams_admin/web/WEB-INF/web.xml =================================================================== diff -u -rea3eb45a90b898583f0846acd6cb113344863708 -rb6abe020e1a153e53ff398f05f3e3b235bf3660b --- lams_admin/web/WEB-INF/web.xml (.../web.xml) (revision ea3eb45a90b898583f0846acd6cb113344863708) +++ lams_admin/web/WEB-INF/web.xml (.../web.xml) (revision b6abe020e1a153e53ff398f05f3e3b235bf3660b) @@ -75,8 +75,8 @@ - SecurityLogFilter - org.lamsfoundation.lams.web.filter.SecurityLogFilter + AuditLogFilter + org.lamsfoundation.lams.web.filter.AuditLogFilter CSRFGuard @@ -96,7 +96,7 @@ /* - SecurityLogFilter + AuditLogFilter *.do Index: lams_build/conf/slim/standalone.xml =================================================================== diff -u -rea3eb45a90b898583f0846acd6cb113344863708 -rb6abe020e1a153e53ff398f05f3e3b235bf3660b --- lams_build/conf/slim/standalone.xml (.../standalone.xml) (revision ea3eb45a90b898583f0846acd6cb113344863708) +++ lams_build/conf/slim/standalone.xml (.../standalone.xml) (revision b6abe020e1a153e53ff398f05f3e3b235bf3660b) @@ -113,12 +113,12 @@ - - + - + @@ -134,7 +134,7 @@ - + @@ -248,10 +248,10 @@ - + - + Index: lams_build/conf/standalone.xml =================================================================== diff -u -rea3eb45a90b898583f0846acd6cb113344863708 -rb6abe020e1a153e53ff398f05f3e3b235bf3660b --- lams_build/conf/standalone.xml (.../standalone.xml) (revision ea3eb45a90b898583f0846acd6cb113344863708) +++ lams_build/conf/standalone.xml (.../standalone.xml) (revision b6abe020e1a153e53ff398f05f3e3b235bf3660b) @@ -142,12 +142,12 @@ - - + - + @@ -163,7 +163,7 @@ - + 
@@ -277,10 +277,10 @@ - + - + Index: lams_common/src/java/org/lamsfoundation/lams/web/filter/AuditLogFilter.java =================================================================== diff -u --- lams_common/src/java/org/lamsfoundation/lams/web/filter/AuditLogFilter.java (revision 0) +++ lams_common/src/java/org/lamsfoundation/lams/web/filter/AuditLogFilter.java (revision b6abe020e1a153e53ff398f05f3e3b235bf3660b) 
@@ -0,0 +1,80 @@
+package org.lamsfoundation.lams.web.filter;
+
+import java.io.IOException;
+import java.util.Map.Entry;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.log4j.Logger;
+import org.lamsfoundation.lams.usermanagement.dto.UserDTO;
+import org.lamsfoundation.lams.web.session.SessionManager;
+import org.lamsfoundation.lams.web.util.AttributeNames;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+/**
+ * Logs requests to controllers with their parameters
+ *
+ * @author Marcin Cieslak
+ */
+public class AuditLogFilter extends OncePerRequestFilter {
+
+ private static final Logger log = Logger.getLogger(AuditLogFilter.class);
+
+ @Override
+ public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
+ throws IOException, ServletException {
+ try {
+ // look for user information
+ UserDTO user = AuditLogFilter.getUserDto();
+ StringBuilder logMessageBuilder = new StringBuilder();
+ if (user == null) {
+ logMessageBuilder.append("Unauthenticated user ");
+ } else {
+ logMessageBuilder.append("\"").append(user.getLogin()).append("\" (").append(user.getUserID())
+ .append(") ");
+ }
+
+ // what path was called
+ logMessageBuilder.append("called ").append(request.getRequestURI());
+
+ // optional parameters
+ if (!request.getParameterMap().isEmpty()) {
+ logMessageBuilder.append(" with parameters: ");
+ for (Entry entry : request.getParameterMap().entrySet()) {
+ String key = entry.getKey();
+ // skip CSRF parameter
+ if ("OWASP-CSRFGUARD".equals(key)) {
+ continue;
+ }
+
+ // print out all parameters with their values
+ logMessageBuilder.append(key).append("=[");
+ String[] values = entry.getValue();
+ if (values != null && values.length > 0) {
+ for (String value : entry.getValue()) {
+ logMessageBuilder.append(value).append(", ");
+ }
+ logMessageBuilder.delete(logMessageBuilder.length() - 2, logMessageBuilder.length());
+ }
+ logMessageBuilder.append("], ");
+ }
+ logMessageBuilder.delete(logMessageBuilder.length() - 2, logMessageBuilder.length());
+ }
+
+ log.info(logMessageBuilder);
+ } catch (Exception e) {
+ log.error("Exception while logging to audit log", e);
+ }
+
+ chain.doFilter(request, response);
+ }
+
+ private static UserDTO getUserDto() {
+ HttpSession ss = SessionManager.getSession();
+ return (UserDTO) ss.getAttribute(AttributeNames.USER);
+ }
+}
\ No newline at end of file
Fisheye: Tag b6abe020e1a153e53ff398f05f3e3b235bf3660b refers to a dead (removed) revision in file `lams_common/src/java/org/lamsfoundation/lams/web/filter/SecurityLogFilter.java'.
Fisheye: No comparison available. Pass `N' to diff?
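Review bot: The parameter loop in doFilterInternal writes every request parameter value into the audit log and skips only `OWASP-CSRFGUARD`, so any password, token or other secret submitted to a `*.do` URL ends up in the log file in clear text. The request URI, parameter names and values are also appended unmodified, so a value containing CR or LF can start a new line that reads as a separate audit entry. I would mask a named set of sensitive parameters and pass everything request-derived, including `request.getRequestURI()`, through a helper that replaces line breaks, as sketched below. Separately, getUserDto() dereferences the session without a null check; if SessionManager.getSession() can return null, the catch block would log an error instead of the "Unauthenticated user" audit line for those requests.

```java
// constructed example name; replace with the application's real credential and token fields
private static final Set<String> MASKED_PARAMETERS = new HashSet<>(Arrays.asList("password"));

// … unchanged: user lookup, request URI, CSRF parameter skip …
logMessageBuilder.append(neutralise(key)).append("=[");
String[] values = entry.getValue();
if (MASKED_PARAMETERS.contains(key)) {
    // record that the parameter was sent without recording what it held
    logMessageBuilder.append("***");
} else if (values != null && values.length > 0) {
    for (String value : values) {
        logMessageBuilder.append(neutralise(value)).append(", ");
    }
    logMessageBuilder.delete(logMessageBuilder.length() - 2, logMessageBuilder.length());
}
// … unchanged: closing bracket, trailing separator removal, log.info …

// keeps one request on one log line so request data cannot fake a second audit entry
private static String neutralise(String text) {
    return text == null ? "null" : text.replaceAll("[\\r\\n\\t]", "_");
}
```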