Digest Authentication Logging

0
votes

I am trying to troubleshoot a problem with digest authentication. Are there any trace events or log entries that an administrator should have access to for authentication events? I have the app server set to finest logging and don't see anything there. Any other ideas?

Update: I can see what it looks like in the access log when they make a request and it gives the user a 401 response code. The problem comes where sporadically, the user is prompted for a password again without closing their browser. Is there any way to know what is wrong with their request that the token is no longer valid?

2
marklogic
welcome to stackoverflow, please consider adding more information to your question - Inder

2 Answers

1
votes

Yes, there are access logs in the same directory as system and error logs. The filename will look like 9001_AccessLog.txt, where the number is the port number. The directory for your OS's log files is listed here: https://docs.marklogic.com/guide/admin/logfiles#id_22670

1
votes

In the end I finally realized that I could use xdmp:get-request-header in the rewriter for the app to capture the authorization header in the error log. This is the key information that I was hoping to gather. Now I can compare the authorization requests when the request works as expected to when the user is prompted to re-enter their credentials.