ims.policyxpress DEBUG configuration disappears from logging.jsp web page after some while.
Article ID: 196047
Updated On:
Products
CA Identity Manager
CA Identity Governance
CA Identity Portal
CA Identity Suite
Issue/Introduction
We have configured debug feature to be able debug from logging.jsp. In first time it had working at expected ie . ims.policyxpress.
Now it disappeared then come back next day or disappears after some minutes again and stops working.
Cause
By Engineering Team this happens because we don't have any solution right now and challenge is our logger application is depending on 3rd party jar which it self not providing added new logger information to IDM.
This is a workaround where need new logger and being added those component into logging.jsp for a while and this change advised here will be "permanent"
Environment
Release : 14.1, 14.2, 14.3
Component : CA IDENTITY SUITE (VIRTUAL APPLIANCE)
Resolution
Step 1: Create a wildfly User
cd /opt/CA/wildfly-idm/bin/
[email protected] VAPP-14.2.0 (100.17.43.127): > sudo /opt/CA/wildfly-idm/bin/add-user.sh
What type of user do you wish to add?
a) Management User (mgmt-users.properties)
b) Application User (application-users.properties)
(a): a
Enter the details of the new user to add.
Using realm 'ManagementRealm' as discovered from the existing property files.
Username : config02
Password recommendations are listed below. To modify these restrictions edit the add-user.properties configuration file.
- The password should not be one of the following restricted values {root, admin, administrator}
- The password should contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), 1 non-alphanumeric symbol(s)
- The password should be different from the username
Password :
JBAS015266: Password must have at least 1 digit.
Are you sure you want to use the password entered yes/no? yes
Re-enter Password :
What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[ ]:
About to add user 'config02' for realm 'ManagementRealm'
Is this correct yes/no? yes
Added user 'rajesh' to file '/opt/CA/wildfly-idm/standalone/configuration/mgmt-users.properties'
Added user 'rajesh' to file '/opt/CA/wildfly-idm/domain/configuration/mgmt-users.properties'
Added user 'rajesh' with groups to file '/opt/CA/wildfly-idm/standalone/configuration/mgmt-groups.properties'
Added user 'rajesh' with groups to file '/opt/CA/wildfly-idm/domain/configuration/mgmt-groups.properties'
Is this new user going to be used for one AS process to connect to another AS process?
e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.
yes/no? no
Now you have the user associated with the Management Realm.
Step 2:
Connect jboss using above user : go to bin folder and type below command
cd /opt/CA/wildfly-idm/bin
./jboss-cli.sh
: You are disconnected at the moment. Type 'connect' to connect to the server or 'help' for the list of supported commands.
[disconnected /]
connect
It will ask user name and password (in the example config02 user)
Authenticating against security realm: ManagementRealm
Username: config02
Password:
[[email protected]:9990 /]
Step 3:
i) To add new logger like "ims.policyxpress" as below
[[email protected]:9990 /] /subsystem=logging/logger=ims.policyxpress:add
"outcome" => "success"}
ii) To read log level for ims.policyxpress:
[[email protected]:9990 /] /subsystem=logging/logger=ims.policyxpress:read-resource
This will show something like this output (notice that level is as "ALL")
{
"outcome" => "success",
"result" => {
"category" => "ims.policyxpress",
"filter" => undefined,
"filter-spec" => undefined,
"handlers" => undefined,
"level" => "ALL",
"use-parent-handlers" => true
}
}
iii) Fix the loglevel to WARN
[[email protected]:9990 /] /subsystem=logging/logger=ims.policyxpress:write-attribute(name=level,value=WARN)
"outcome" => "success"}
iv) read again to confirm that now is WARN:
[[email protected]:9990 /] /subsystem=logging/logger=ims.policyxpress:read-resource
This will show something like this output (notice that level is as "ALL")
{
"outcome" => "success",
"result" => {
"category" => "ims.policyxpress",
"filter" => undefined,
"filter-spec" => undefined,
"handlers" => undefined,
"level" => "WARN",
"use-parent-handlers" => true
}
}
v) Need to restart the application server. restart_im
vi) open logging.jsp web page and verify that now exists ims.policyxpress as WARN available. You may change to DEBUG to do your tests and when you for example view a policy xpress configuration or change will log messaegs in server.log of IM server.
cd /opt/CA/wildfly-idm/bin/
[email protected] VAPP-14.2.0 (100.17.43.127): > sudo /opt/CA/wildfly-idm/bin/add-user.sh
What type of user do you wish to add?
a) Management User (mgmt-users.properties)
b) Application User (application-users.properties)
(a): a
Enter the details of the new user to add.
Using realm 'ManagementRealm' as discovered from the existing property files.
Username : config02
Password recommendations are listed below. To modify these restrictions edit the add-user.properties configuration file.
- The password should not be one of the following restricted values {root, admin, administrator}
- The password should contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), 1 non-alphanumeric symbol(s)
- The password should be different from the username
Password :
JBAS015266: Password must have at least 1 digit.
Are you sure you want to use the password entered yes/no? yes
Re-enter Password :
What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[ ]:
About to add user 'config02' for realm 'ManagementRealm'
Is this correct yes/no? yes
Added user 'rajesh' to file '/opt/CA/wildfly-idm/standalone/configuration/mgmt-users.properties'
Added user 'rajesh' to file '/opt/CA/wildfly-idm/domain/configuration/mgmt-users.properties'
Added user 'rajesh' with groups to file '/opt/CA/wildfly-idm/standalone/configuration/mgmt-groups.properties'
Added user 'rajesh' with groups to file '/opt/CA/wildfly-idm/domain/configuration/mgmt-groups.properties'
Is this new user going to be used for one AS process to connect to another AS process?
e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.
yes/no? no
Now you have the user associated with the Management Realm.
Step 2:
Connect jboss using above user : go to bin folder and type below command
cd /opt/CA/wildfly-idm/bin
./jboss-cli.sh
[disconnected /]
connect
It will ask user name and password
Authenticating against security realm: ManagementRealm
Username: config02
Password:
[[email protected]:9990 /]
Step 3:
i) To add new logger like "ims.policyxpress" as below
[[email protected]:9990 /] /subsystem=logging/logger=ims.policyxpress:add
ii) To read log level for ims.policyxpress:
[[email protected]:9990 /] /subsystem=logging/logger=ims.policyxpress:read-resource
This will show something like this output (notice that level is as "ALL")
{
"outcome" => "success",
"result" => {
"category" => "ims.policyxpress",
"filter" => undefined,
"filter-spec" => undefined,
"handlers" => undefined,
"level" => "ALL",
"use-parent-handlers" => true
}
}
iii) Fix the loglevel to WARN
[[email protected]:9990 /] /subsystem=logging/logger=ims.policyxpress:write-attribute(name=level,value=WARN)
iv) read again to confirm that now is WARN:
[[email protected]:9990 /] /subsystem=logging/logger=ims.policyxpress:read-resource
This will show something like this output (notice that level is as "ALL")
{
"outcome" => "success",
"result" => {
"category" => "ims.policyxpress",
"filter" => undefined,
"filter-spec" => undefined,
"handlers" => undefined,
"level" => "WARN",
"use-parent-handlers" => true
}
}
v) Need to restart the application server. restart_im
vi) open logging.jsp web page and verify that now exists ims.policyxpress as WARN available. You may change to DEBUG to do your tests and when you for example view a policy xpress configuration or change will log messaegs in server.log of IM server.
Additional Information
1. Do a backup of your appliance before do this just in case you need roolback if have any issue.
2. Don't change any other wildfly or jboss entry without get instructions from Broadcom Support
Feedback
Powered by
