we use OID for SSO authentication of user for Oracle E Business Suite. There is a log ssoServer.log in ORAIDM/product/sso/log where I can see some errors like:
Thu Apr 19 13:32:49 CEST 2012 [ERROR] AJPRequestHandler-ApplicationServerThread-2176 Could not get attributes for user, username@domain
That's OK - means there is no such user in OID.
But when user for example enters wrong password, nothing is logged here and he is getting only error message in the browser "Authentication failed. Please try again".
Then I have no possibility to find out what is wrong, because nothing is logged in this log file.
So the question is - should I use different log level? If log level will be increased, will there such attempts be logged in this log?
Or is it logged somewehere alse already? Any hints, ideas would be nice. Thanks.