Diagnostic log
In a basic configuration, log events are printed to the SSO diagnostic log (since v. 9.1.0). Filter the log events with password-reset web application name.
Sample event:
| Code Block | ||
|---|---|---|
| ||
2022-10-04 16:15:31,775 password-reset com.ubisecure.sso.password.reset.BeginResetServlet WARN BeginResetServlet.prepareNextPhase(): error.account.not-found ; username=asko INVALID: NOTFOUND: javax.naming.NameNotFoundException: com.ubisecure.ubilogin.directory.spi.StatusException: INVALID: NOTFOUND: javax.naming.NameNotFoundException: javax.naming.NameNotFoundException |
404 Page Not Found
A page not found error indicates that the steps described in Password Reset application installation have not been completed.
HTTP Status 500 – Internal Server Error
Check Tomcat server logs (in ubilogin-sso/tomcat/logs/catalina.YYYY-MM-DD.log by default) diagnostic log if it contains some of the log entries shown below.
INFO: [ERROR] password com.ubisecure.sso.password.reset.BeginResetServlet: password-reset ... java.lang.IllegalStateException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: Certificate signature validation failed- SSO server certificate is not trusted by the Java Runtime Environment in which the Password Reset application is run. Check Add Server Certificate to Java Trust Store.
INFO: [ERROR] password com.ubisecure.sso.password.reset.OTPServlet: password-reset ... java.lang.IllegalStateException: Invalid response: {"error":"unauthorized_client"} for grant_type=...- Depending on the shown grant_type
http://globalsign.com/iam/sso/oauth2/grant-type/sms-mt-otp→ No Unregistered SMS OTP method allowed to Password Reset applicationhttp://globalsign.com/iam/sso/oauth2/grant-type/smtp-otp→ No Unregistered SMTP OTP method allowed to Password Reset application- Otherwise → The password method contains an invalid value X in the configuration parameter password.reset.grantTypes
- Depending on the shown grant_type
...