Logging session Id #183

Open
@pascalwilbrink

Currently the session id is logged directly (on debug level).

This allows a malicious user to hijack the session.

We could change the logging of the session id for a trace and/or span id.
We could also look into a distributed tracing mechanism, since multiple services are being called from the same frontend.
The distributed tracing mechanism can show insights on potential bottlenecks and can show an audit log of what a user has done within a specific timespan.

Examples of distributed tracing mechanisms:

  • Zipkin
  • Jaeger
  • Elastic(?)
  • OpenTelemetry
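
The substitution proposed in this issue, sketched as an added example (not part of the issue or the project's code): a Python `logging` filter that stamps each record with a random per-request trace id and scrubs the session id from the message before it is written. All names are hypothetical, and the trace id is generated locally rather than taken from one of the tracing systems listed above.

```python
import contextvars
import logging
import secrets

# Per-request context; all names here are assumptions made for this example.
_session_id = contextvars.ContextVar("session_id", default=None)
_trace_id = contextvars.ContextVar("trace_id", default="-")


def begin_request(session_id):
    """Bind the secret session id and a fresh, non-secret trace id to the request."""
    trace_id = secrets.token_hex(16)  # 128 random bits, unrelated to the session id
    _session_id.set(session_id)
    _trace_id.set(trace_id)
    return trace_id


class TraceIdFilter(logging.Filter):
    """Stamp every record with the trace id and scrub the session id from its text."""

    def filter(self, record):
        trace_id, session_id = _trace_id.get(), _session_id.get()
        record.trace_id = trace_id
        if session_id:
            message = record.getMessage()  # format first so %-args are covered too
            if session_id in message:
                record.msg = message.replace(session_id, "[session-id redacted]")
                record.args = None
        return True


def build_logger(stream):
    """Debug-level logger whose only handler applies TraceIdFilter."""
    logger = logging.getLogger("session-demo")
    logger.handlers.clear()
    logger.propagate = False
    logger.setLevel(logging.DEBUG)
    handler = logging.StreamHandler(stream)
    handler.setFormatter(logging.Formatter("%(levelname)s trace=%(trace_id)s %(message)s"))
    handler.addFilter(TraceIdFilter())
    logger.addHandler(handler)
    return logger


if __name__ == "__main__":
    import sys
    log = build_logger(sys.stdout)
    sid = "constructed-session-3f9a1c7e"  # constructed sample value
    begin_request(sid)
    log.debug("Loading document for session %s", sid)
```

The filter only covers the formatted message; a session id that reaches the log through an exception traceback or another handler still needs its own check.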

Labels: enhancement (New feature or request)

Status: To do
