There are two ways to do it. The first involves logging into the DB via SQLPlus and running the following command.
Select name, editdate from ProtectUser;
The edit date covers password changes so it’s a relatively good proxy for how active a user has been. Since you may not have the protect database password I would have the oracle admins run this and give you the results.
The other way is to look in the tomcat logs for a logon. I used to use programmers notepad (http://pnotepad.org) since it has a find in files function and the latest file the name was in was their last logon time.