CentraSite Documentation : CentraSite Administrator’s Guide : Authentication Topics and LDAP : Logging of Login Authentication Messages : Activating the Authentication Logging
Activating the Authentication Logging
You can specify the authentication logging options in the CentraSite login context of jaas.config file.
The CentraSite login context consists of one or more modules. Each individual module is defined by a specification. For example, you might specify a single login module LDAPLoginModule like the example shown below:
com.softwareag.security.sin.is.ldap.lm.LDAPLoginModule ...
You can specify arbitrary login modules. For example:
com.softwareag.security.sin.is.ldap.lm.LDAPLoginModule
com.softwareag.security.jaas.login.internal.InternalLoginModule
Options for activating the logging can be added to login modules: The available logging options are:
*useLog. Specify true to switch logging on, or false to switch logging off.
*logLevel. Specify the level of logging information required. Possible values are:
*error - log only error messages
*info - log error and information messages
*debug - log all messages with additional debug information
*logFile. Specify the path and file name of the log file.
We recommend that you specify the logging options to the first occurrence of the above login modules.
The following example shows how to activate a SIN logging:
CentraSite {
com.softwareag.security.sin.is.ldap.lm.LDAPLoginModule required
useLog="true"
logFile="/opt/softwareag/profiles/CTP/logs/sin-SAG-LDAP.log"
logLevel="DEBUG"
domain="SAG"
alias="SAG"
applyDomain="true"
url="ldap://daeqarh01.eur.ad.sag:10389"
prin="cn=LdapUser4CSAdmin,ou=people,ou=gdm,o=sag"
cred="manage"
usecaching="false"
useaf="true"
dnprefix="cn="
dnsuffix=",ou=people,ou=gdm,o=sag"
userrootdn="ou=people,ou=gdm,o=sag"
uidprop="cn"
personobjclass="inetOrgPerson"
mattr="uniqueMember"
memberinfoingroups="true"
grouprootdn="ou=groups,ou=gdm,o=sag"
gidprop="cn"
groupobjclass="groupOfUniqueNames"
creategroups="true"
createGroupProperties="true"
createUserProperties="true";
};
This configuration creates a log file: /opt/softwareag/profiles/CTP/logs/sin-SAG-LDAP.log
The log shows whether login attempts are successful or not, and indicates the user domain where CentraSite attempted to find the login user information, for example:
...Authenticator (<domain>, ...) was created successfully
...login of user <username> (domain: <domain>) was successful.
If the authentication was not successful, a message such as the following is displayed:
Login of user <username> (host: <hostname>, port:<portnumber>) failed.
Copyright © 2005-2015 Software AG, Darmstadt, Germany.

Product LogoContact Support   |   Community   |   Feedback