On 01/16/2015 02:18 PM, Ivan Zhakov wrote:
> But I'm not sure that current behavior is the best. I'm thinking to
> implement the following logic in mod_authz_svn: use different log
> level whether access denied for subrequest or for primary request (the
> URL user actually tried to access).
>
> Does it make sense?
>
> The other open question is which error level use for these 'soft'
> access denied messages:
> a) info (Like we do for access granted messages)
> b) warning

It makes sense to me to log explicit attempts to hit an unreadable
resource differently than the somewhat unavoidable implicit attempts.

As for log levels, is there any reason to log the implicit read attempts
at a level higher than "debug"?  I have no opinion about the log level
for the explicit ones.

-- 
C. Michael Pilato <cmpil...@collab.net>
CollabNet   <>   www.collab.net   <>   Enterprise Cloud Development

Reply via email to