leave logging setup to wsgi runner

src/sso_server/sso_server/application.py

@@ -9,7 +9,6 @@ from flask import Flask, redirect, request, session, render_template, make_respo
 from sso_server import login_service
 
 app = Flask('sso_server')
-log = logging.getLogger(__name__)
 
 SSO_COOKIE_NAME = '_sso_tkt'
 
@@ -99,8 +98,9 @@ def login():
         # Form submission, validate CSRF, username and password.
         csrf_token = session.pop('_csrf', None)
         if not csrf_token or csrf_token != request.form.get('_csrf'):
-            log.error('CSRF failure, session=%s, form=%s', csrf_token,
-                      request.form.get('_csrf'))
+            app.logger.error(
+                'CSRF failure, session=%s, form=%s', csrf_token,
+                request.form.get('_csrf'))
             return show_login_page(params, 'Invalid session')
         username = _tostr(request.form.get('username'))
         password = _tostr(request.form.get('password'))
@@ -108,6 +108,8 @@ def login():
         if app.config.get('SSO_ENABLE_OTP'):
             otp = _tostr(request.form.get('otp'))
         if not app.login_service.authenticate(username, password, otp):
+            app.logger.error(
+                'authentication failure for user %s', username)
             # Authentication failed, show login page again.
             return show_login_page(params, 'Authentication failed')
 
@@ -122,8 +124,9 @@ def login():
                                                  params.destination,
                                                  params.groups)
     except login_service.Error, e:
-        log.error('unauthorized access: user=%s, service=%s, dest=%s, '
-                  'err=%s', username, params.service, params.destination, str(e))
+        app.logger.error(
+            'unauthorized access for user %s: service=%s, dest=%s, '
+            'err=%s', username, params.service, params.destination, str(e))
         return show_unauthorized_page(e)
 
     # Keep track of the active services.

src/sso_server/sso_server/login_service.py

@@ -131,7 +131,6 @@ class LoginService(object):
         """
         self._validate_service_access(service, destination)
         groups = self._validate_group_access(username, required_groups)
-        print 'authorize:', type(username), type(service), type(destination), groups, self.service_ticket_ttl
         ticket = sso.Ticket(username, service, self.domain, groups,
                             self.service_ticket_ttl)
         return self.signer.sign(ticket)

src/sso_server/sso_server/wsgi.py

@@ -3,6 +3,5 @@
 import os
 from sso_server import application
 
-application.setup_syslog()
 app = application.create_app(
     os.getenv('APP_CONFIG', '/etc/sso/config'))