search cancel

Multiple Function Filters in FWSTrace.conf for SPS and WAOP

book

Article ID: 215192

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder)

Issue/Introduction

 

When running Federation Services on Web Agent Option Pack and CA
Access Gateway (SPS), one might like to know how to remove from the
FWSTrace.log the lines with "plaintext and encoded SAML Responses".

One might try to exclude both from logging by applying the following
filter in FederationTrace.conf:

  Function: !=sendSAMLResponse
  Function: !=processAssertionGeneration

and the result is that only one line of the two is applied.

It seems that only one filter is being taken at time, and it's the
last one defined, not both.

From file FederationTrace.conf, it seems also that there's only 1
filter permitted :

  # FILTERS

  [...]

  # For example:
  #    Function: !=doGet
  #    Function: ==doPost
  # NOTE: Specify only one filter on a line.

 

Resolution

 

Out of the box, only 1 filter at time is configurable.