merge with branch issue-195

scm-webapp/src/main/java/sonia/scm/ScmServletModule.java

@@ -102,6 +102,7 @@ import sonia.scm.util.DebugServlet;
 import sonia.scm.util.ScmConfigurationUtil;
 import sonia.scm.web.cgi.CGIExecutorFactory;
 import sonia.scm.web.cgi.DefaultCGIExecutorFactory;
+import sonia.scm.web.filter.LoggingFilter;
 import sonia.scm.web.security.AdministrationContext;
 import sonia.scm.web.security.ApiBasicAuthenticationFilter;
 import sonia.scm.web.security.AuthenticationManager;
@@ -173,6 +174,9 @@ public class ScmServletModule extends ServletModule
   /** Field description */
   public static final String REST_PACKAGE = "sonia.scm.api.rest";
 
+  /** Field description */
+  public static final String SYSTEM_PROPERTY_DEBUG_HTTP = "scm.debug.http";
+
   /** Field description */
   public static final String[] PATTERN_STATIC_RESOURCES = new String[] {
                                                             PATTERN_SCRIPT,
@@ -303,6 +307,12 @@ public class ScmServletModule extends ServletModule
     // bind repository service factory
     bind(RepositoryServiceFactory.class);
 
+    // bind debug logging filter
+    if ("true".equalsIgnoreCase(System.getProperty(SYSTEM_PROPERTY_DEBUG_HTTP)))
+    {
+      filter(PATTERN_ALL).through(LoggingFilter.class);
+    }
+
     /*
      * filter(PATTERN_PAGE,
      *      PATTERN_STATIC_RESOURCES).through(StaticResourceFilter.class);

scm-webapp/src/main/java/sonia/scm/web/security/BasicSecurityContext.java

@@ -124,9 +124,16 @@ public class BasicSecurityContext implements WebSecurityContext
                            HttpServletResponse response, String username,
                            String password)
   {
+    if ( logger.isTraceEnabled() ){
+      logger.trace("start authentication for user {}", username);
+    }
     AuthenticationResult ar = authenticator.authenticate(request, response,
                                 username, password);
 
+    if ( logger.isTraceEnabled() ){
+      logger.trace("authentication ends with {}", ar);
+    }
+    
     if ((ar != null) && (ar.getState() == AuthenticationState.SUCCESS))
     {
       authenticate(request, password, ar);

scm-webapp/src/main/java/sonia/scm/web/security/ChainAuthenticatonManager.java

@@ -130,6 +130,12 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager
 
     if (ar == null)
     {
+      if (logger.isTraceEnabled())
+      {
+        logger.trace("no authentication result for user {} found in cache",
+                     username);
+      }
+
       ar = doAuthentication(request, response, username, password);
 
       if ((ar != null) && ar.isCacheable())
@@ -157,6 +163,11 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager
   {
     for (AuthenticationHandler authenticator : authenticationHandlerSet)
     {
+      if (logger.isTraceEnabled())
+      {
+        logger.trace("close authenticator {}", authenticator.getClass());
+      }
+
       IOUtil.close(authenticator);
     }
   }
@@ -172,6 +183,11 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager
   {
     for (AuthenticationHandler authenticator : authenticationHandlerSet)
     {
+      if (logger.isTraceEnabled())
+      {
+        logger.trace("initialize authenticator {}", authenticator.getClass());
+      }
+
       authenticator.init(context);
     }
 
@@ -200,8 +216,19 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager
   {
     AuthenticationResult ar = null;
 
+    if (logger.isTraceEnabled())
+    {
+      logger.trace("start authentication chain for user {}", username);
+    }
+
     for (AuthenticationHandler authenticator : authenticationHandlerSet)
     {
+      if (logger.isTraceEnabled())
+      {
+        logger.trace("check authenticator {} for user {}",
+                     authenticator.getClass(), username);
+      }
+
       try
       {
         AuthenticationResult result = authenticator.authenticate(request,