You can configure your Web application to record invalid user identifiers for an administration application. By default, this field contains "UnknownUser"
if the user identifier is invalid.
Note: Authorized users may accidentally enter valid passwords in the user name field. If you choose to record invalid user identifiers, the audit log file may contain those unencrypted passwords. Make sure you secure access to the audit log file if it may contain valid passwords.
To disable recording of invalid usernames, set the disableUserName
property of the AuthenticationMessageTrigger
component for the administration application to true
. See AuthenticationMessageTrigger Components.
If you do not record invalid usernames, you can choose the string that is used in place of them in the audit log file. Set the string in the defaultUserName
property of the AuthenticationMessageTrigger
component.