Menu Close
Settings Close

Language and Page Formatting Options

Red Hat Training

A Red Hat training course is available for JBoss Enterprise Application Platform Common Criteria Certification

2.5.2. Configuring Audit Logging

Audit logging can be configured to print authentication and authorization information for each thread and EJB call.


The logging of individual requests is a resource intensive activity. It is recommended that you test the impact that this will have on your server and application performance before enabling this level of logging on a production server.
You enable this level of logging by making the following changes to ${JBOSS_HOME}/server/production/conf/jboss-log4.xml:
  1. Set the logging level of the SecurityInterceptor class to TRACE by adding the following element to the root element:
    <category name="org.jboss.ejb.plugins.SecurityInterceptor">
          <priority value="TRACE" />
  2. Update the ConversionPattern parameter in the appender/layout element to show thread information by replacing the Default Pattern with the Full Pattern:
    <!--The full pattern: Date MS Priority [Category] (Thread:NDC) Message -->
    <param name="ConversionPattern" value="%d %-5r %-5p [%c] (%t:%x) %m%n"/>
If you need additional logging for web-based requests, uncomment the AccessLogValve in deploy/jboss-web.deployer/server.xml.
<Valve className="org.apache.catalina.valves.AccessLogValve"
  prefix="localhost_access_log." suffix=".log"
  pattern="common" directory="${jboss.server.home.dir}/log"
  resolveHosts="false" />
The access log is saved in the log directory of the server configuration.