Diagnostic log
In a basic configuration, logging is done to the application server logs.log events are printed to the SSO diagnostics log. Filter the log events with password
web application name.
Successful startup is indicated with the following kind of entries:
...
Code Block | ||||
---|---|---|---|---|
| ||||
C:\Program Files\Ubisecure\ubilogin-sso\tomcat\logs\xxxxx-stderr.YYYYMMDD.log
C:\Program Files\Ubisecure\ubilogin-sso\tomcat\logs\xxxxx-stdout.YYYYMMDD.log
C:\Program Files\Ubisecure\ubilogin-sso\tomcat\logs\xxxxx.YYYY-MM-DD.log |
Code Block | ||||
---|---|---|---|---|
| ||||
/usr/local/Ubisecure/ubilogin-sso/tomcat/logs/xxxxx-stderr.YYYYMMDD.log
/usr/local/Ubisecure/ubilogin-sso/tomcat/logs/xxxxx-stdout.YYYYMMDD.log
/usr/local/Ubisecure/ubilogin-sso/tomcat/logs/xxxxx.YYYY-MM-DD.log |
2022-10-06 12:16:21,375 password init INFO Ubilogin Password 9.1.0 starting
...
2022-10-06 12:16:23,397 password init INFO Ubilogin Password 9.1.0 started |
Successful shutdown is indicated with the following kind of entry:
Code Block | ||
---|---|---|
| ||
INFO: 2022-10-06 12:15:42,822 password init INFO Ubilogin Password started |
...
9.1.0 stopped |
Sample warning:
Code Block | ||
---|---|---|
|
...
INFO: Ubilogin Password stopped
...
2022-10-04 16:15:31,775 password com.ubisecure.ubilogin.password.change.ChangeServlet WARN CredentialsChange.change INVALID: VALIDATE: com.ubisecure.ubilogin.directory.spi.StatusException: INVALID: VALIDATE |
Control the log levels by the application itself with the package name com.ubisecure.ubilogin.password
in the logger configuration file.For more information, see SSO diagnostics log, Configuration.
For the package or class names by the libraries in use contact IDS support.
Example debug configuration in include-logback.xml
:
Code Block | ||
---|---|---|
|
...
<!-- |
...
(10) Customise log levels |
...
- |
...
Security consideration
LDAPS should always be used for the connection to the user repositiory where a password reset is done.
...
->
<logger name="com.ubisecure.ubilogin.password" level="DEBUG" />
<logger name="com.ubisecure.saml2.metadata.URLMetadataLocator" level="DEBUG" /> |
Audit log
In a basic configuration, Password application audit log events are printed to this file: password_audit.YYYY-MM-DD.log
in the ubilogin/logs
folder.