Parameter
login/show_detailed_errors
Short text
Show detailed error messages at logon
Parameter Description
If a logon attempt fails, in some cases detailed error messages are displayed that could provide a possible attacker with information about the existence of a user. On the other hand, error messages of this type are very helpful for legitimate users and can help to reduce queries to the system administrator. You can use this profile parameter to choose the desired behavior.
The Security Audit Log and the trace information contain the detailed error codes in any case (see also: SAP Note 320991), to allow the system operator to analyze logon problems.
Examples of (too) detailed error messages:
– Password logon no longer possible – too many failed attempts
– You have no password; you cannot log on using a password
– Password was not used for a long period and therefore deactivated
– SNC required for this connection
– SNC name and specified user/client do not match
– Log on using SSO ticket denied due to security guideline
If login/show_detailed_errors = 0 is set, only the following general error message is always displayed instead of the detailed error messages:
– Name or password is incorrect (repeat logon)
Application Area
Logon
Default Value
1
Who is permitted to make changes?
Customer
Values allowed
Value Meaning
0 Only display general error message
1 Display detailed error messages
