Skip to main content
Pentaho Documentation

Log Output Analysis

The information you need to look for in pentaho.log in order to troubleshoot security configuration problems should be fairly self-evident. If you are having trouble, consult the examples below.

When you request a page that is protected but you are not yet logged in, you should see an exception in the log which looks like this:

DEBUG [ExceptionTranslationFilter] Access is denied (user is anonymous);
            redirecting to authentication entry point
            Access is denied

When the user name and/or password doesn't match what's stored in the back end, you should see a log message like this:

WARN [LoggerListener] Authentication event
            AuthenticationFailureBadCredentialsEvent: suzy; details:
            SessionId: 976C95033136070E0200D6DA26CB0277; exception: Bad credentials

When the user name and password match, you should see a log message that looks like the example below. After the InteractiveAuthenticationSuccessEvent, one of the filters will show the roles fetched for the authenticated user. Compare these roles to the page-role mapping found in the filterInvocationInterceptor bean in applicationContext-spring-security.xml.

WARN [LoggerListener] Authentication event InteractiveAuthenticationSuccessEvent:
            suzy; details: RemoteIpAddress:
  ; SessionId: 976C95033136070E0200D6DA26CB0277 DEBUG
            [HttpSessionContextIntegrationFilter] SecurityContext stored to HttpSession:
            ' Authentication:
  ; Password: [PROTECTED];
            Authenticated: true; Details:
            RemoteIpAddress:; SessionId: 976C95033136070E0200D6DA26CB0277; Granted
            Authorities: ROLE_CTO, ROLE_IS, ROLE_AUTHENTICATED'

If you are troubleshooting LDAP problems, look for log output similar to this:

DEBUG [DirMgrBindAuthenticator] (LoggingInterceptor) Return value: LdapUserInfo:
  , uid=uid: suzy, userpassword=userpassword: [B@e17c9c,
            businesscategory=businesscategory: cn=cto,ou=roles,ou=system, cn=is,ou=roles,ou=system,
            objectclass=objectClass: organizationalPerson, person, groupOfUniqueNames,
            inetOrgPerson, top, uniquemember=uniquemember: cn=cto, ou=roles, cn = is , ou = roles,
            sn=sn: Pentaho, cn=cn: suzy}]