As a precaution, you might want to log information about attempts to log in to the Dynamo Server Admin, such as the IP address from which the login originated. Logging this information can alert you to unauthorized attempts to gain access to your Nucleus-based applications, or simply allow you to track usage of the Admin UI.
The /atg/dynamo/servlet/adminpipeline/AuthenticationServlet
component has two properties that control what login information is logged:
logFailedAuthentications
: Iftrue
, logs failed attempts to log in (defaults totrue
).logSuccessfulAuthentications
: Iftrue
, logs all successful authentications (defaults tofalse
). Setting this to true causes a great deal of logging information, because each page request is logged.