| auditing DB access through ColdFusion [message #589840] |
Thu, 11 July 2013 05:55 |
John Watson
Messages: 8929
Registered: January 2010
Location: Global Village
|
Senior Member |
|
|
Has anyone set up auditing for a ColdFusion application, that will capture the end user's identity? Not just the CF database logon?
CF uses the usual model: a pool of persistent database sessions, supporting many browser sessions. Details of the end user can be stored as a set of session variables (there is a cookie, or something, that connects browser to the correct set) and I can use them to set a context and a client_id. But the problem is that CF has a multi-threading model that applies within a session: if one page request from the browser invokes several queries to generate the page, it is possible that each query could go to a different pooled connection. So I would need to set the client_id for each query - which would mean, in effect, re-writing the entire application to wrap every query inside a procedure.
I know this question may have to go to a CF forum, but I wanted to try here first, in case anyone has done it before, or can suggest anything.
Thank you for any insight.
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
