i checked in a change this weekend that adds the logged-in exyus user to the IIS logs. this is a 'hack' but at least you can find the user in the logs now.
since exyus uses it's own Digest and Basic HTTP Auth, IIS never knows who is the authenticated user. that means the
cs-usernameis always empty in the logs. now, by using the
Response.AppendToLog(exyus_user)pattern, any time a user authenticates within exyus, the data is added to the log - as part of the
cs-queryfield. it looks like this:
check out the source code at the google code site (see sidebar) for details.