I ran into the same problem. We are using jcifs.http.NtlmHttpFilter for authentication. The access logs show NULL-AUTH-USER. I saw your solution, copying the remoteUser into request scope in every application and logging using %attribute.<name>%. We have around 20 web apps though. So this did not seem like a reliable solution. I considered modifying jcifs source but jcifs is a library in every webapp currently, so all would need to be modified. I found that JCIFS puts the username in a session attribute called NtlmHttpAuth. Glassfish doesn't have any documented method to log session variables. So I searched through the glassfish source code for any undocumented features. No session logging.
I found that with adding one line of code to glassfish I could make JCIFS authenticated user access logging work.
I added:
if (user == null && hreq.getSession(false) != null && hreq.getSession(false).getAttribute("NtlmHttpAuth") != null) { user =
hreq.getSession(false).getAttribute("NtlmHttpAuth").toString(); }
in com\sun\enterprise\web\accesslog\DefaultAccessLogFormatterImpl.java appendAuthUserName method (line 388).
I compiled it and put it in:
C:\Sun\AppServer\lib\appserv-rt.jar
We are running Sun GlassFish Enterprise Server v2.1 (9.1.1). I only compiled and added that one java file to appserv-rt.jar. I used source from:
GlassFish Project - v2.1 FinalBuild (also known as v2.1 b60e Promoted Build).
This isn't the best way to patch glassfish but it is working.
[Message sent by forum member 'thekyle2000' (thekyle2000)]
http://forums.java.net/jive/thread.jspa?messageID=358412