...
Enhanced diagnostics can be generated by adding the linelines
| Code Block |
|---|
# detailed logging for AD connection attempts log4j.logger.org.springframework.security=debug log4j.logger.com.accipia.centerview.util.ContextUserExtractor=debug log4j.logger.com.accipia.centerview.util.security=debug log4j.logger.com.accipia.centerview.model.POJOImpl=debug |
to your log4j.properties file - seeĀ Server Logging for details on controlling logging options with this file, and where to find the results.
Note that with all options applied, the log files generated will be very large. You must switch off these options as soon as you have completed your tests. You can comment out the lines in the log4j.properties file, if you want to keep them in the file, by placing a # at the beginning of each line.
You could also consider applying a more limited set of debugging options, e.g.
| Code Block |
|---|
log4j.logger.org.springframework.security=debug
log4j.logger.com.accipia.centerview.util.security=debug |
This will not give you as complete a log of what is happening during a login attempt, but the log files generated will be smaller. In particular, this reduced set of debugging options will include messages from
| Code Block |
|---|
com.accipia.centerview.util.security.ActiveDirectoryLdapAuthenticationProvider |
which provides information about what groups the user attempting to login belongs to.