Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Next »

Logback has been chosen as the logging framework because it supports all the functionality that had been implemented in the SSO proprietary logging system.

Logback configuration files have been organized in the following way:

  1. Each web application has its class path the defined context name for the application in a logback.xml file. This file also includes the actual logger configuration for the application.

  2. Common logger configurations, used by all web applications found in the include-logback.xml file. This file contains all the definitions required by SSO logback configuration.

Main logback.xml files

The logback.xml files reside in the default installation location for each web application, (<webapp> is the name of the web application like uas, logviewer, sso-api etc.):

  • Linux: /usr/local/ubisecure/ubilogin-sso/ubilogin/webapps/<webapp>/WEB-INF/classes from where it is copied to /usr/local/ubisecure/ubilogin-sso/tomcat/webapps/<webapp>/WEB-INF/classes during the installation process

  • Windows: C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\webapps\<webapp>\WEB-INF\classes from where it is copied to C:\Program Files\Ubisecure\ubilogin-sso\tomcat\webapps\<webapp>\WEB-INF\classes during the installation process

There is no need for the customers to modify either of these configuration files, but below are examples with explanations.

 The contents of the logback.xml file with explanations

SSO authentication server (uas)

Linux installation /usr/local/ubisecure/ubilogin-sso/ubilogin/webapps/uas/WEB-INF/classes/logback.xml:

<?xml version="1.0" encoding="UTF-8"?>
<configuration debug="true" scan="false" scanPeriod="30 seconds">
	<property name="LOG_CONTEXT" scope="context" value="uas" />
	
  <include file="/usr/local/ubisecure/ubilogin-sso/ubilogin/custom/logging/include-logback.xml"/>    
</configuration>

Windows installation C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\webapps\uas\WEB-INF\classes\logback.xml:

<?xml version="1.0" encoding="UTF-8"?>
<configuration debug="true" scan="false" scanPeriod="30 seconds">
	<property name="LOG_CONTEXT" scope="context" value="uas" />
	
  <include file="C:\Program Files\Ubisecure\ubilogin-sso\ubilogin/custom/logging/include-logback.xml"/>    
</configuration>

Notes:

  • The attribute debug="true" in the configuration element facilitates troubleshooting for the logging configuration

    • When set to true, logback will print status information to the console as it processes the configuration

    • In Windows installations, see the note about Troubleshooting the log configuration at the end of this page

    • All other web applications except uas has this setting as false in order not to repeat the status information many times

  • The attribute scan="false" in the configuration element disables scanning of changes in the logger configuration files (logback.xml and include-logback.xml)

    • If set to true, logback will reload the logging configurations found in both files

    • The interval to scan for any file changes is defined by the scanPeriod setting

    • All web applications have this set to false by default

  • The LOG_CONTEXT property is individual for each web application and is the same as the folder name of that application

Shared include-logback.xml file

The include-logback.xml file resides in the following location in the default installation. This file in intended to permit customisation: JOHN edited to here

  • Linux: /usr/local/ubisecure/ubilogin-sso/ubilogin/custom/logging

  • Windows: C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\custom\logging

 The contents of the include-logback.xml file with explanations

Linux installation: /usr/local/ubisecure/ubilogin-sso/ubilogin/custom/logging/include-logback.xml

Windows installation: C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\custom\logging\include-logback.xml

Each section of this file is explained below.

  <!-- (1) Default levels for Diagnostic logs entry types -->
  <turboFilter class="com.ubisecure.common.logging.MarkerBasedLogFilter">
    <DefaultLevels>audit=info;tech=info;diag.*=info</DefaultLevels>
  </turboFilter>

  • SSO diagnostic log levels especially for the uas application can be set by entry types, see Diag log description

  • DefaultLevels element specifies the default levels for each entry type

  • Without this definition the default level is off

  • Default level can be overridden here or the level in use can be set via the management UI

  • Audit log is enabled by default

  • In order to enable Statistics log, DefaultLevels element values need to be modified

  <!-- (2) Limit the amount of rotated files to be preserved. 
       Uncomment property and set the appropriate value if you desire this feature -->
  <!-- <property name="LOG_FILE_MAX_HISTORY" value="10" />  -->
  <!-- <property name="AUDIT_LOG_FILE_MAX_HISTORY" value="400" /> -->
  <!-- <property name="PASSWORD_AUDIT_LOG_FILE_MAX_HISTORY" value="400" /> -->

  • By default, log files are rotated on a daily basis and the old files are never deleted

  • By removing comment signs from these properties and specifying the amount of days you need to preserve, you can make logback to deleted the old files automatically

  • Property LOG_FILE_MAX_HISTORY applies to SSO diagnostics log (sso_diag.<YYYY-MM-DD>.log)

  • Property AUDIT_LOG_FILE_MAX_HISTORY applies to uas and SSO management (ubilogin) audit logs and statistics log (uas3_audit.<YYYY-MM-DD>.log, uas3_statistics.<YYYY-MM-DD>.log, management_audit.<YYYY-MM-DD>.log)

  • Property PASSWORD_AUDIT_LOG_FILE_MAX_HISTORY applies to password and password-reset audit log (password_audit.<YYYY-MM-DD>.log)

  <!-- (3) SSO log format settings START -->
  
  <conversionRule conversionWord="diagex" converterClass="com.ubisecure.common.logging.LogExceptionConverter" />
  <conversionRule conversionWord="diagmarker" converterClass="com.ubisecure.common.logging.MarkerConverter" />

  <conversionRule conversionWord="diagex" converterClass="com.ubisecure.common.logging.LogExceptionConverter" />
  <conversionRule conversionWord="diagmarker" converterClass="com.ubisecure.common.logging.MarkerConverter" />

  <if condition='property("LOG_CONTEXT").equalsIgnoreCase("sso-api")'>
    <then>
      <property name="DIAG_LOG_PATTERN" value="%d{'yyyy-MM-dd HH:mm:ss,SSS'} %property{LOG_CONTEXT} %diagmarker %level %X{remote-addr} %X{sub} %msg %diagex%nopex%n" />
    </then>
    <else>
      <property name="DIAG_LOG_PATTERN" value="%d{'yyyy-MM-dd HH:mm:ss,SSS'} %property{LOG_CONTEXT} %diagmarker %level %msg %diagex%nopex%n" />
    </else>
  </if>
  <property name="CONSOLE_LOG_PATTERN" value="${DIAG_LOG_PATTERN}" />
  <property name="FILE_LOG_PATTERN" value="${DIAG_LOG_PATTERN}" />
  <property name="AUDIT_FILE_LOG_PATTERN" value="&#34;%d{'yyyy-MM-dd HH:mm:ss,SSS'}&#34;,%msg%n" />
  <property name="MANAGEMENT_AUDIT_LOG_PATTERN" value="%d{'yyyy-MM-dd HH:mm:ss,SSS'} %msg %diagex%nopex%n" />
  <property name="PASSWORD_AUDIT_LOG_PATTERN" value="%msg %diagex%nopex%n" />
  
  <!-- (3) SSO log format settings END -->

  • Log format is specified for each logback appender with pattern properties

  • The format for file appenders are compatible with e.g. Logviewer

  • Diagnostic log pattern is the same for all web applications except sso-api has even more fields in it, the fields are:

    • date-timestamp

    • web application name e.g. uas, ubilogin, sso-api etc.

    • either the entry type (init, tech, method etc.) or fully qualified class name (e.g. com.ubisecure.saml2.metadata.URLMetadataLocator)

    • log level

    • sso-api only: remote IP address of the caller

    • sso-api only: authenticated user calling the API

    • log message

    • exception message

      • the full stack trace is printed only in case of debug level set to the entry type or fully qualified class name of this log event

      • full stack trace is printed always in case of a third party library logging an exception

  • Audit log patterns are compatible with previous releases

  • We don’t recommend you to modify these settings except CONSOLE_LOG_PATTERN can be altered if desired

  <!-- (4) SSO log folder and base file name -->
  <property name="LOG_FOLDER" value="/usr/local/ubisecure/ubilogin-sso/ubilogin/logs" />
  <property name="SSO_LOG_FILE_PREFIX" value="${LOG_FOLDER}/sso" />
  <property name="UAS_LOG_FILE_PREFIX" value="${LOG_FOLDER}/uas3" />

  • Windows installation: <property name="LOG_FOLDER" value="C\:\\Program Files\\Ubisecure\\ubilogin-sso\\ubilogin/logs" />

  • These settings define the log folder which is set during the installation process (platform specific) and the log file base names

  <!-- (5) SSO installation log appenders START -->
  <appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
...
  </appender>

  <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
...
    <!-- <file>${SSO_LOG_FILE_PREFIX}_diag.log</file> -->
    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
      <fileNamePattern>${SSO_LOG_FILE_PREFIX}_diag.%d{yyyy-MM-dd}.log</fileNamePattern>
      <if condition='isDefined("LOG_FILE_MAX_HISTORY")'>
        <then>
          <maxHistory>${LOG_FILE_MAX_HISTORY}</maxHistory>
        </then>
      </if>
    </rollingPolicy>
  </appender>
...
  
  <!-- (5) SSO installation log appenders END -->

  • The noteworthy thing with file appenders is that a time based rolling policy on daily basis has been defined like in the previous releases

  • Because the file element on top of the rollingPolicy element is commented out, also the current day's file has the date in its name (e.g. sso_diag.2022-11-25.log)

    • In linux systems it is possible to remove the comment signs from the file element and have the current day’s file without date in its name (e.g. sso_diag.log)

    • Only the files with the date in their names are visible in the Logviewer application

  • The maxHistory element is defined only if the respective property is set in the beginning of this configuration file

  <!-- (6) SSO management audit log. -->
  <!-- Set the level to INFO if you desire to have SSO Management audit file log -->
  <logger name="com.ubisecure.ubilogin.management" level="OFF">
    <appender-ref ref="MANAGEMENT_AUDIT_FILE" />
  </logger>

  • In order to activate Management audit log, the level attribute here must be set to INFO

  • If you are not interested in this feature, you may delete the whole section, as even if you have no events for them, these definitions will create empty files for each day

  <!-- (7) SSO SatuHetu log appender if needed START -->
  ...
  <!-- (7) SSO SatuHetu log appender if needed END -->

  • This part is relevant only for a few customers

  <!-- (8) Syslog appenders if needed START -->
...
  <!-- (8) Syslog appenders if needed END -->

  • This part is relevant only for Ubisecure own cloud installation (IDC)

  <!-- (9) Configure appenders for logging with default INFO level -->
  <root level="INFO">
    <appender-ref ref="CONSOLE" />
    <appender-ref ref="FILE" />
    <appender-ref ref="AUDIT_FILE" />
    <appender-ref ref="STATISTICS_FILE" />
    <appender-ref ref="PASSWORD_AUDIT_FILE" />
  </root>
...

  • In this section the default level INFO is specified for each appender

  • This means that the default logging level for all Java classes, implemented by Ubisecure or third parties, is INFO

  • If you don’t desire to have console logging, you could remove CONSOLE appender from this list

  • Basically the same applies to file appenders, as even if you have no events for them, these definitions will create empty files for each day

  • You should keep at least FILE and AUDIT_FILE appenders here

  <!-- (10) Customise log levels -->
  <!-- Some examples  -->
  <logger name="com.ubisecure.saml2.metadata.URLMetadataLocator" level="INFO" />

  • In this section you can override the default level INFO for any Java package or class

  • You can set a higher level in order to reduce logging

  • You can set a lower level when troubleshooting

Troubleshooting the log configuration

 Verify from the console log the following kind of information being present when SSO authentication server (uas) is being started

Windows installation example (the paths differ in the linux installation)

05:01:09,309 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT find resource [logback-test.xml]
05:01:09,309 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Found resource [logback.xml] at [file:/C:/Program%20Files/Ubisecure/ubilogin-sso/tomcat/webapps/uas/WEB-INF/classes/logback.xml]
05:01:09,371 |-INFO in ch.qos.logback.core.joran.util.ConfigurationWatchListUtil@1df5c1f3 - Adding [file:/C:/Program%20Files/Ubisecure/ubilogin-sso/ubilogin/custom/logging/include-logback.xml] to configuration watch list.
05:01:09,403 |-INFO in ch.qos.logback.core.joran.action.ConversionRuleAction - registering conversion word diagex with class [com.ubisecure.common.logging.LogExceptionConverter]
05:01:09,403 |-INFO in ch.qos.logback.core.joran.action.ConversionRuleAction - registering conversion word diagmarker with class [com.ubisecure.common.logging.MarkerConverter]
05:01:09,403 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About to instantiate appender of type [ch.qos.logback.core.ConsoleAppender]
05:01:09,403 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - Naming appender as [CONSOLE]
05:01:09,403 |-INFO in ch.qos.logback.core.joran.action.NestedComplexPropertyIA - Assuming default type [ch.qos.logback.classic.encoder.PatternLayoutEncoder] for [encoder] property
05:01:09,434 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About to instantiate appender of type [ch.qos.logback.core.rolling.RollingFileAppender]
05:01:09,449 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - Naming appender as [FILE]
05:01:09,449 |-INFO in ch.qos.logback.core.joran.action.NestedComplexPropertyIA - Assuming default type [ch.qos.logback.classic.encoder.PatternLayoutEncoder] for [encoder] property
05:01:09,637 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy@2143236581 - No compression will be used
05:01:09,637 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy@2143236581 - Will use the pattern C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/sso_diag.%d{yyyy-MM-dd}.log for the active file
05:01:09,637 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - The date pattern is 'yyyy-MM-dd' from file name pattern 'C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/sso_diag.%d{yyyy-MM-dd}.log'.
05:01:09,637 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - Roll-over at midnight.
05:01:09,637 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - Setting initial period to Mon Oct 03 05:01:09 UTC 2022
05:01:09,637 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[FILE] - Active log file name: C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/sso_diag.2022-10-03.log
05:01:09,637 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[FILE] - File property is set to [null]
05:01:09,637 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About to instantiate appender of type [ch.qos.logback.core.rolling.RollingFileAppender]
05:01:09,637 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - Naming appender as [AUDIT_FILE]
05:01:09,637 |-INFO in ch.qos.logback.core.joran.action.NestedComplexPropertyIA - Assuming default type [ch.qos.logback.classic.encoder.PatternLayoutEncoder] for [encoder] property
05:01:09,637 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy@1273758108 - No compression will be used
05:01:09,637 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy@1273758108 - Will use the pattern C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/uas3_audit.%d{yyyy-MM-dd}.log for the active file
05:01:09,637 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - The date pattern is 'yyyy-MM-dd' from file name pattern 'C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/uas3_audit.%d{yyyy-MM-dd}.log'.
05:01:09,637 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - Roll-over at midnight.
05:01:09,637 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - Setting initial period to Mon Oct 03 05:01:09 UTC 2022
05:01:09,637 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[AUDIT_FILE] - Active log file name: C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/uas3_audit.2022-10-03.log
05:01:09,637 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[AUDIT_FILE] - File property is set to [null]
05:01:09,653 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About to instantiate appender of type [ch.qos.logback.core.rolling.RollingFileAppender]
05:01:09,653 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - Naming appender as [STATISTICS_FILE]
05:01:09,653 |-INFO in ch.qos.logback.core.joran.action.NestedComplexPropertyIA - Assuming default type [ch.qos.logback.classic.encoder.PatternLayoutEncoder] for [encoder] property
05:01:09,653 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy@855663126 - No compression will be used
05:01:09,653 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy@855663126 - Will use the pattern C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/uas3_statistics.%d{yyyy-MM-dd}.log for the active file
05:01:09,653 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - The date pattern is 'yyyy-MM-dd' from file name pattern 'C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/uas3_statistics.%d{yyyy-MM-dd}.log'.
05:01:09,653 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - Roll-over at midnight.
05:01:09,653 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - Setting initial period to Mon Oct 03 05:01:09 UTC 2022
05:01:09,653 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[STATISTICS_FILE] - Active log file name: C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/uas3_statistics.2022-10-03.log
05:01:09,653 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[STATISTICS_FILE] - File property is set to [null]
05:01:09,653 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About to instantiate appender of type [ch.qos.logback.core.rolling.RollingFileAppender]
05:01:09,653 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - Naming appender as [MANAGEMENT_AUDIT_FILE]
05:01:09,653 |-INFO in ch.qos.logback.core.joran.action.NestedComplexPropertyIA - Assuming default type [ch.qos.logback.classic.encoder.PatternLayoutEncoder] for [encoder] property
05:01:09,653 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy@942307416 - No compression will be used
05:01:09,653 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy@942307416 - Will use the pattern C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/management_audit.%d{yyyy-MM-dd}.log for the active file
05:01:09,653 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - The date pattern is 'yyyy-MM-dd' from file name pattern 'C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/management_audit.%d{yyyy-MM-dd}.log'.
05:01:09,653 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - Roll-over at midnight.
05:01:09,653 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - Setting initial period to Mon Oct 03 05:01:09 UTC 2022
05:01:09,653 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[MANAGEMENT_AUDIT_FILE] - Active log file name: C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/management_audit.2022-10-03.log
05:01:09,653 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[MANAGEMENT_AUDIT_FILE] - File property is set to [null]
05:01:09,653 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About to instantiate appender of type [ch.qos.logback.core.rolling.RollingFileAppender]
05:01:09,653 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - Naming appender as [PASSWORD_AUDIT_FILE]
05:01:09,653 |-INFO in ch.qos.logback.core.joran.action.NestedComplexPropertyIA - Assuming default type [ch.qos.logback.classic.encoder.PatternLayoutEncoder] for [encoder] property
05:01:09,668 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy@1956080095 - No compression will be used
05:01:09,668 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy@1956080095 - Will use the pattern C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/password_audit.%d{yyyy-MM-dd}.log for the active file
05:01:09,668 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - The date pattern is 'yyyy-MM-dd' from file name pattern 'C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/password_audit.%d{yyyy-MM-dd}.log'.
05:01:09,668 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - Roll-over at midnight.
05:01:09,668 |-INFO in c.q.l.core.rolling.DefaultTimeBasedFileNamingAndTriggeringPolicy - Setting initial period to Mon Oct 03 05:01:09 UTC 2022
05:01:09,668 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[PASSWORD_AUDIT_FILE] - Active log file name: C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/logs/password_audit.2022-10-03.log
05:01:09,668 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[PASSWORD_AUDIT_FILE] - File property is set to [null]
05:01:09,668 |-INFO in ch.qos.logback.classic.joran.action.LoggerAction - Setting level of logger [com.ubisecure.ubilogin.management] to INFO
05:01:09,668 |-INFO in ch.qos.logback.core.joran.action.AppenderRefAction - Attaching appender named [MANAGEMENT_AUDIT_FILE] to Logger[com.ubisecure.ubilogin.management]
05:01:09,668 |-INFO in ch.qos.logback.classic.joran.action.RootLoggerAction - Setting level of ROOT logger to INFO
05:01:09,668 |-INFO in ch.qos.logback.core.joran.action.AppenderRefAction - Attaching appender named [CONSOLE] to Logger[ROOT]
05:01:09,668 |-INFO in ch.qos.logback.core.joran.action.AppenderRefAction - Attaching appender named [FILE] to Logger[ROOT]
05:01:09,668 |-INFO in ch.qos.logback.core.joran.action.AppenderRefAction - Attaching appender named [AUDIT_FILE] to Logger[ROOT]
05:01:09,668 |-INFO in ch.qos.logback.core.joran.action.AppenderRefAction - Attaching appender named [STATISTICS_FILE] to Logger[ROOT]
05:01:09,668 |-INFO in ch.qos.logback.core.joran.action.AppenderRefAction - Attaching appender named [PASSWORD_AUDIT_FILE] to Logger[ROOT]
05:01:09,668 |-INFO in ch.qos.logback.classic.joran.action.LoggerAction - Setting level of logger [com.ubisecure.saml2.metadata.URLMetadataLocator] to INFO
05:01:09,668 |-INFO in ch.qos.logback.classic.joran.action.LoggerAction - Setting level of logger [com.ubisecure.util.filter] to DEBUG
05:01:09,668 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction - End of configuration.
05:01:09,684 |-INFO in ch.qos.logback.classic.joran.JoranConfigurator@6373088 - Registering current configuration as safe fallback point
05:01:09,293 |-INFO in ch.qos.logback.classic.servlet.LogbackServletContainerInitializer@2ac5a474 - Due to deployment instructions will NOT register an instance of class ch.qos.logback.classic.servlet.LogbackServletContextListener to the current web-app
2022-10-03 05:01:09,700 uas init INFO Ubilogin Authentication Server 9.1.0 starting

NOTE about SSO Tomcat console log (including System.out and System.err)

In linux environments console log is visible e.g. in /var/log/messages.

In Windows environments console log is disabled by default. In order to verify events in console log you need to do the following:

  1. Edit the C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\config\tomcat\install-service.cmd script

  2. Replace the logger parameters for the service --StdOutput nul --StdError nul => --StdOutput auto --StdError auto (line 16)

    "%prunsrv.exe%" "//US/%TOMCAT_INSTANCENAME%" --LogPath "%CATALINA_HOME%\logs" --StdOutput auto --StdError auto

  3. Update and restart SSO service by executing C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\config\tomcat\update.cmd script

  4. These logs files will be created in Tomcat logs folder C:\Program Files\Ubisecure\ubilogin-sso\tomcat\logs

    1. ubiloginserver-stdout.YYYY-MM-DD.log

    2. ubiloginserver-stderr.YYYY-MM-DD.log

Links:

  • No labels

Ubisecure Privacy Policy & Cookie Statement