Try OpenEdge Now
skip to main content
Installation and Configuration
AdminServer Authorization and Authentication : AdminServer logging details : Log format : Log contents
 
Log contents
The following describes the fields in the security entry:
*Date — The existing Logging tool automatically inserts the current date using the existing AdminServer log format.
*Level — The possible levels are 1 through 5, in compliance with the existing AdminServer log conventions. The security entry will use only the following levels:
*0 indicates an internal error
*2 indicates an error condition and explains why the client was not authenticated or authorized
*3 indicates success and is used for tracking purposes
*"security" — This is a text constant that Progress specifies in order to simply log file scanning tools, so that an automated parser can easily identify security events.
*UserName — This field contains the user account being authenticated to the AdminServer. This field might indicate "no-user" if the authentication and/or authorization operation failed before the authentication portion could take place. In Windows systems only, the UserName might be in the form [domain\]UserName where domain is the result of an account lookup operation when the user has not specified a fully qualified user account.
*UserSuppliedPwd — This field indicates whether the password being validated for the user account is one of the three following possible conditions:
*Y indicates that the password is supplied by the user
*N indicates that the password supplied is by the single sign-on password generator
*X indicates that the password has not yet been validated
*GroupInfo — This field contains group authorization information. When the AdminServer initializes, it validates that a minimum of one group is accessible before allowing startup. In this instance, the field will contain the list of available groups and unavailable groups. Unavailable groups are identified within enclosing braces.
The following example shows the format of GroupInfo:
group, group...;{unavailablegroup,unavailablegroup...}
In Windows only, the list of available groups might have the Windows domain prefixed in square brackets to indicate where the group name lookup operation found the entry.
When a security entry is made for an authentication or authorization operation, it can contain:
*No Group Checking — Indicates that the AdminServer started without the -admingroup option and no group authorization took place
*GroupName — Indicates that a single group name was successfully authorized for the user with a success message logged
*GroupNames — Indicates the group names that the user failed to authorize when the failure message was logged
*Text — This field contains one of the messages that further explains the success or failure. The possible text messages follow:
*User is not authenticated
*User is authenticated and authorized
*User is not authorized
*Failed to find the admingroup(s)
*Failed to find the admingroup, not a valid group list
*Failed to find the admingroup, please provide a valid group list
*User password is not valid
*System generated password has expired
*Error, system generated password is not valid, user and host are valid
*Valid group list
The default behavior for logging is that both success and failure events will be logged.