...
Field | Value | Example | ||||
---|---|---|---|---|---|---|
Default Domain | This is the domain that users will be presented with when they open PhixFlow. They will be able to select a different domain by selecting from a drop-down list, which will show all configured domains, as well as local. The local domain is used when logging in as an internal PhixFlow user User. |
| ||||
Active Directory Login Group | The list of names of Active Directory groups authorized to use this instance of PhixFlow, separated by semicolons. There must be no spaces between the groups listed, just semicolons. Use {instance} to include the PhixFlow instance name (this is set up in System configuration). Note that these groups do not have to be mapped to any of the PhixFlow User Groups (see below), although they can be if you wish. |
|
...
Enhanced diagnostics can be generated by adding the linelines
Code Block |
---|
# detailed logging for AD connection attempts log4j.logger.org.springframework.security=debug log4j.logger.com.accipia.centerview.util.ContextUserExtractor=debug log4j.logger.com.accipia.centerview.util.security=debug log4j.logger.com.accipia.centerview.model.POJOImpl=debug |
to your log4j.properties file - seeĀ Server Logging for details on controlling logging options with this file, and where to find the results.
Note that with all options applied, the log files generated will be very large. You must switch off these options as soon as you have completed your tests. You can comment out the lines in the log4j.properties file, if you want to keep them in the file, by placing a # at the beginning of each line.
You could also consider applying a more limited set of debugging options, e.g.
Code Block |
---|
log4j.logger.org.springframework.security=debug
log4j.logger.com.accipia.centerview.util.security=debug |
This will not give you as complete a log of what is happening during a login attempt, but the log files generated will be smaller. In particular, this reduced set of debugging options will include messages from
Code Block |
---|
com.accipia.centerview.util.security.ActiveDirectoryLdapAuthenticationProvider |
which provides information about what groups the user attempting to login belongs to.