Logging and Monitoring

Log Files

You can review log files in the logs directory. On Unix installations, the logs directory is under the directory where the application files are located. On Windows installations, it is in the system’s home directory, typically C:\Windows\System32 or C:\Windows\syswow64\.

Logging is configured through a standard log4j2.xml file located in the SSO Connect installation directory. You can edit this file to change where log files are written, the logging level, or both.

Protection of Data Files

The SSO Connect installation folder contains a data/ directory that holds several files. Two of these files contain secret keys generated on the server; they are used to encrypt and decrypt the end users' auto-generated master passwords and must be protected. The directory also contains a .sql file that holds a local cache of encrypted data. It is critical that access to this data folder is restricted.
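One way to check and enforce that restriction on a Unix installation, as an added example that is not part of the SSO Connect distribution. The function names are hypothetical, and the data directory path and the service account that should own it are assumptions supplied by the caller.

```shell
#!/bin/sh
# Added example, not vendor code. The data directory path and the service
# account that should own it are assumptions passed in by the caller.

# audit_data_dir DIR OWNER
# Prints one line per finding. Returns 0 if clean, 1 on findings,
# 2 if DIR does not exist.
audit_data_dir() {
    dir=$1 owner=$2 status=0
    if [ ! -d "$dir" ]; then
        echo "MISSING $dir"
        return 2
    fi
    # Any group/other permission bit on the directory or anything below it.
    loose=$(find "$dir" ! -type l \( -perm -040 -o -perm -020 -o -perm -010 \
                     -o -perm -004 -o -perm -002 -o -perm -001 \) -print)
    # Entries not owned by the service account.
    foreign=$(find "$dir" ! -user "$owner" -print)
    # Symlinks could redirect reads or writes outside the protected folder.
    links=$(find "$dir" -type l -print)
    if [ -n "$loose" ];   then echo "$loose"   | sed 's/^/LOOSE_MODE /';  status=1; fi
    if [ -n "$foreign" ]; then echo "$foreign" | sed 's/^/WRONG_OWNER /'; status=1; fi
    if [ -n "$links" ];   then echo "$links"   | sed 's/^/SYMLINK /';     status=1; fi
    return $status
}

# harden_data_dir DIR
# Owner-only access: 700 on directories, 600 on regular files. Symlinks are
# left untouched (chmod would follow them) and stay visible in the audit.
harden_data_dir() {
    find "$1" -type d -exec chmod 700 {} +
    find "$1" -type f -exec chmod 600 {} +
}
```

Run the audit from a scheduled job as well as after installation, so that a later permission or ownership change on the key files or the .sql cache is reported.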

You can add an extra layer of security by utilizing an HSM (Hardware Security Module) as described later in this document. When an HSM is available, an encryption key is generated for each SSO Connect instance and stored securely in the HSM. The encryption key is used to encrypt the critical property files in the data/ folder.