Um bei den Login-Problemen, vor allem bei einer aktiven LDAP-Authentifizierung wird es mit den unten stehenden Blocks das Debugging aktiviert.
ATTENTION: Setting the following lines is unsecure because details of the authentication are logged. If you use it, don’t forget to remove it later.
Add this snippets to verinice server log4j configuration:
/usr/share/tomcat/webapps/veriniceserver/WEB-INF/classes/log4j.xml
AD / LDAP authentication:
<logger name="sernet.gs.server.security.LdapAuthenticatorImpl">
<level value="DEBUG" />
</logger>
AD / LDAP / SSO / PreAuth authentication:
<logger name="org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationProvider">
<level value="DEBUG" />
</logger>
<logger name="org.springframework.security.ui.preauth.header.RequestHeaderPreAuthenticatedProcessingFilter"> <level value="DEBUG" />
</logger>
Restart tomcat afterwards:
systemctl restart tomcat
SSL
To log information about SSL connections set VM start parameter:
-Djavax.net.debug=all
This logs output to command line without setting other parameters. SSL output is not logged by log4j.
For the case of using Windows, STDOUT on console stays silent. Please call verinice.exe
via
verinice.exe > sslLogFile.log 2>&1
to redirect output of javax.net.debug
to specified logfile (sslLogFile.log).