Skip to main content
Code42 Support

View single sign-on logs

Applies to:
  • Code42 CrashPlan (previously CrashPlan PROe)

Overview

Your master server's SSO log messages can help you troubleshoot SSO configuration and authentication issues. This article describes how to find SSO log messages and how to increase the level of detail included in SSO log messages.

Considerations

The following log message is normal: “Not syncing SSO metadata at this moment due to rate limiting." Rate limiting prevents syncing with your identity provider more than once per minute.

Find SSO log messages

SSO log messages are written to the master server's com_backup42_app.log.* file.

Step 1: View the log file

There are two ways to view Code42 server log files.

View the log file in the administration console

  1. Connect to your master server's administration console.
  2. Navigate to Settings > Server.
  3. Next to System Logs, click View.
    The Logs tab appears.
  4. Select com_backup42_app.log.0 from the menu.

View the log file in a text editor

  1. Sign in to the server that hosts your master server.
  2. Use the text editor of your choice to open the com_backup42_app.log.0 file, which is located in your master server's logs directory:
    • Linux: /var/log/proserver
      Applies to Code42 servers installed as root on Ubuntu
    • Windows: C:\Program Files\CrashPlan PROe Server\logs
    • OS X: /Library/Logs/PROServer

Step 2: Search the log file for SSOauth

To find SSO-related activity in the log file, search for SsoAuth.

In the following example, adding an identity provider to the master server failed because the mappings between the Code42 platform user attributes and identity provider SSO assertion attributes were improperly configured.

[04.09.15 13:53:14.894 INFO    jetty-web-2727       com.code42.ssoauth.saml.SamlResponse    ] Attribute not found; attributeName=givenName
[04.09.15 13:53:14.894 INFO    jetty-web-2727       com.code42.ssoauth.saml.SamlResponse    ] Attribute not found; attributeName=sn
[04.09.15 13:53:14.894 INFO    jetty-web-2727       com.code42.ssoauth.saml.SamlResponse    ] Attribute not found; attributeName=mail
[04.09.15 13:53:14.894 ERROR   jetty-web-2727       m.code42.ssoauth.saml.SamlSsoAuthService] AUTH:: SsoAuth:: IdP user attribute mapping failed, triggering system alert; ssoIdentityProviderId=1
[04.09.15 13:53:14.894 INFO    jetty-web-2727       com.backup42.history.CpcHistoryLogger   ] HISTORY:: SysAlert:: Adding: SystemAlert[name='SSO identity provider failed user attribute mapping: Centrify, nodeGuid:683985806754695484, nonIdObjs:[ displayName=Centrify, originatingNodeName=CrashPlan PROe Server ]', occurrences=1, lastOccurrence=Thu Apr 09 13:53:14 CDT 2015]

Increase SSO log detail

If you need to see more details in SSO log messages for troubleshooting purposes, you can use the administration console CLI to increase the logging detail for SSO.

SSO log detail levels

The following detail levels can be set for SSO logging (listed in order of most detailed to least detailed):

  • ALL
  • TRACE
  • DEBUG
  • INFO (default)
  • WARN
  • ERROR
  • FATAL
  • OFF
Log level for troubleshooting
We recommend using log level DEBUG when troubleshooting SSO configuration and authentication.

Change the SSO log detail level

You can see more detail by increasing the logging level for SSO errors.

  1. Enter the administration console CLI by double-clicking the logo in the upper-left corner.
  2. Enter the following command:
    log com.code42.ssoauth DEBUG
    For extra detail, use TRACE or ALL.
  3. After debugging is complete, restart the Code42 server or reset the debugging level to INFO with the command:
    log com.code42.ssoauth INFO