Enable SSORB OneClick login debug to tomcat web.xml
search cancel

Enable SSORB OneClick login debug to tomcat web.xml

book

Article ID: 205326

calendar_today

Updated On:

Products

CA Spectrum DX NetOps

Issue/Introduction

We are having trouble logging into OneClick with Spectrum Admin. Is there debugging available? 

Environment

Release : All Supported Releases

Component : SPCOCK - Spectrum OneClick

Cause

Since the user is not able to log into OneClick, they would not be able to turn on tomcat "SSORB" login debug from OC Administration pages. 

To workaround this, the debug can be added to web.xml. Upon Tomcat restart, Security SP SSORB login debug will be enabled.

Resolution

You need to enable "Security SP SSORB" debug in the web.mxl file.

1. Open web.xml in an editor: 

%SPECROOT/tomcat/webapps/spectrum/WEB-INF/web.xml

2. Search for "debug.modules" and locate the group which begins with "CollectionsManager" and ends with "ModelingGateway" debugs:

    <init-param>
      <param-name>com.aprisma.spectrum.debug.modules</param-name>
      <param-value>CollectionManager@[email protected]@off;
        ChassisDataModel@CHASSIS@com.aprisma.spectrum.app.topo.web.servlet.chassisDataModel@off;
        InterfacesDataModel@INTERFACES@com.aprisma.spectrum.app.topo.web.servlet.IntrfaceDataModel@off;
        ModelSecurity@[email protected]@off;
        ModelRepository@MODELREPO@com.aprisma.spectrum.app.topo.web.servlet.modelRepository@off;
        MTypeRepository@MTYPEREPO@com.aprisma.spectrum.app.topo.web.servlet.modelTypeRepository@off;
        NeighborTopo@NeighborTopo@com.aprisma.spectrum.app.topo.web.servlet.neighWebTopology@off;
        RelationRepository@RELATIONREPO@com.aprisma.spectrum.app.topo.web.servlet.relationRepository@off;
        ModelLockManager@[email protected]@off;
        CollectionTopology@GCTOPO@com.aprisma.spectrum.app.topo.web.servlet.gblCollectionTopology@off;
        WatchServlet@WATCH@com.aprisma.spectrum.app.topo.web.servlet.spectroWatchServlet@off;
        DupModelManager@[email protected]@off;
        ModelingGateway@MODELINGGATEWAY@com.aprisma.spectrum.app.topo.web.servlet.mdlingGtway@off;
    </param-value>
    </init-param>
    <init-param>

 

3. Add the following SSORB Security SP Debug line to the end of this group:

    <init-param>
      <param-name>com.aprisma.spectrum.debug.modules</param-name>
      <param-value>CollectionManager@[email protected]@off;
        ChassisDataModel@CHASSIS@com.aprisma.spectrum.app.topo.web.servlet.chassisDataModel@off;
        InterfacesDataModel@INTERFACES@com.aprisma.spectrum.app.topo.web.servlet.IntrfaceDataModel@off;
        ModelSecurity@[email protected]@off;
        ModelRepository@MODELREPO@com.aprisma.spectrum.app.topo.web.servlet.modelRepository@off;
        MTypeRepository@MTYPEREPO@com.aprisma.spectrum.app.topo.web.servlet.modelTypeRepository@off;
        NeighborTopo@NeighborTopo@com.aprisma.spectrum.app.topo.web.servlet.neighWebTopology@off;
        RelationRepository@RELATIONREPO@com.aprisma.spectrum.app.topo.web.servlet.relationRepository@off;
        ModelLockManager@[email protected]@off;
        CollectionTopology@GCTOPO@com.aprisma.spectrum.app.topo.web.servlet.gblCollectionTopology@off;
        WatchServlet@WATCH@com.aprisma.spectrum.app.topo.web.servlet.spectroWatchServlet@off;
        DupModelManager@[email protected]@off;
        ModelingGateway@MODELINGGATEWAY@com.aprisma.spectrum.app.topo.web.servlet.mdlingGtway@off;
       SecuritySpSSORB@SecuritySP@SSORB Security SP@on;
     </param-value>  
     </init-param>
     <init-param>

 

4. Save the file. Restart tomcat and tail the log. Attempt to log in and check tomcat log for SecuritySP. <Spectrum_UserName> will be the username attempting to log in.                                                               

$SPECROOT/tomcat/logs

Dec 17, 2020 07:57:49.047 (http-nio-80-exec-6) (SecuritySP) - password match for SHA256
Dec 17, 2020 07:57:49.047 (http-nio-80-exec-6) (SecuritySP) - Got user model: 0x1000064
Dec 17, 2020 07:57:49.048 (http-nio-80-exec-6) (SecuritySP) -  User Model not started , so starting
Dec 17, 2020 07:57:49.051 (http-nio-80-exec-6) (SecuritySP) -  User Model started
Dec 17, 2020 07:57:49.051 (http-nio-80-exec-6) (SecuritySP) - Model Domain List class com.aprisma.spectrum.app.web.domain.FilteredUserModelDomainList
Dec 17, 2020 07:57:49.051 (http-nio-80-exec-6) (SecuritySP) - No roles cached - getting roles from user domain 
Dec 17, 2020 07:57:49.052 (http-nio-80-exec-6) (SecuritySP) - Adding role Service Manager
Dec 17, 2020 07:57:49.052 (http-nio-80-exec-6) (SecuritySP) - Adding role <Spectrum_UserName>
Dec 17, 2020 07:57:49.053 (http-nio-80-exec-6) (SecuritySP) - Adding role Operator
Dec 17, 2020 07:57:49.053 (http-nio-80-exec-6) (SecuritySP) - OUT getUserRoles for <Spectrum_UserName>
Dec 17, 2020 07:57:49.053 (http-nio-80-exec-6) (SecuritySP) - ---------------------------------------

Additional Information

IMPORTANT! This debugging is a manual setting - it will remain on until manually edit the web.xml and change "on" value to "off.". Save the file and restart Tomcat for changes to take effect. 

SecuritySpSSORB@SecuritySP@SSORB Security SP@off;

 

The default level of debug is MAX.

In order to change the default debug level to MIN you need to backup and edit the $SPECROOT/tomcat/webapps/spectrum/debug/debug.jsp file and search for this below entry(it will be at line number 162):

<% int level = DebugLog.getDebugLevel( );            //DebugLog.getDebugLevel() returns MAX by default.

 

Replace the above line with this:

<% int level = 1;                 // 1 indicates MIN, so we are forcefully setting the debug level to MIN with this change.