User guide

Maintenance Using Access Logs

4-19

Date/Time

Access date/time is recorded in the “YYYY/MM/DD HH:MM:SS+XXXX” format.

"+XXXX" refers to the time difference from UTC (Universal Time Coordinate). In cases where "-XXXX"

is used, it means the same as above.

User Identification Information

User identification information (dn or uid) identifies the user who has requested authentication or has

been authenticated and records the information. If the user cannot be identified, ‘unknown’ is recorded.

If the certificate presented during certificate authentication is not registered in the SSO repository or the

user cannot be uniquely specified from the presented certificate, the serial number, issuer distinguished

name, and owner distinguished name of the certificate are recorded.

Processing Result

The processing result is recorded in the following format:

• If user authentication processing is requested from the authentication server

Authentication (authentication method) [succeeded|failed]

One of the following is recorded for authentication method:

{basicAuth|certAuth|basicAuthAndCertAuth|unknown}

The meanings of the above authentication methods are as follows:

− basicAuth

“Password Authentication”

− certAuth

“Certificate Authentication”

− basicAuthAndCertAuth

“Password Authentication and Certificate Authentication”

− unknown

“The authentication method cannot be determined.”

If "password authentication or certificate authentication" was performed, the "basicAuth" or

"certAuth" access log is recorded.

Supplementary Information

The cause of authentication failure is recorded.

For details about supplementary information in the access log, refer to “Messages Logged and Output in

Single Sign-on” – “Access Log in Single Sign-on Mode” – “Access Log of the Authentication Server” –

‘Supplementary Information in the Access Log of the Authentication Server” in Messages.

The cause of the authentication failure will not always be recorded.