custom assertion
search cancel

custom assertion

book

Article ID: 267898

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

I'm learning to create custom assertions. I'm following this guide
https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-1/policy-assertions/custom-assertions/create-custom-assertions/sample-custom-assertion-traffic-logger.html

I've copied the the file TrafficLoggerSample/build/TrafficLoggerCustomAssertion.jar to /opt/SecureSpan/Gateway/runtime/modules/lib

and sampletrafficloggerca.properties to /opt/SecureSpan/Gateway/node/default/etc/conf/

All files are owned and readable by user layer7

restart the gateway 

but i can't find the "trafficlogger" in the "Logging, Auditing" category

I've also tried to upload /opt/SecureSpan/Gateway/runtime/lib/layer7-api-8.11.01.jar and restart ssg without success. I can't find the "trafficlogger" assertion

 

 

 

Environment

Release : 10.1

Cause

The Java version used not what is documented AdoptOpenJDK (version 11.0.11+9 or higher).

 

 

Resolution

I followed the documentation to install the sample on a gateway 10.1 appliance with a few minor adjusts 

Steps: 

Used appliance Gateway 10.1 with the Customer Assertions SDL installed 

Check GW version:

# rpm -qa ssg

ssg-10.1.00-14326_CR02.noarch

/opt/SecureSpan/JDK

 

Login as ssgconfig then access privilege menu, check java path

# which java

/opt/SecureSpan/JDK/bin/java

 

Check Java version

# java -version

openjdk version "11.0.15" 2022-04-19

OpenJDK Runtime Environment Temurin-11.0.15+10 (build 11.0.15+10)

OpenJDK 64-Bit Server VM Temurin-11.0.15+10 (build 11.0.15+10, mixed mode)

 

Check if JAVA_HOME set

# echo $JAVA_HOME

/opt/SecureSpan/JDK

 

UNZIP CustomAssertion_dev_kit-10.1.00.11620.zip to /opt folder

 

Executed Gradle command

# cd /opt/CustomAssertionAPI-10.1.00.11620

# ./gradlew build

 

Different from DOCS copy JAR file from LIBS folder:

#cp /opt/CustomAssertionAPI-10.1.00.11620/TrafficLoggerSample/build/libs/TrafficLoggerSampleCustomAssertion.jar /opt/SecureSpan/Gateway/runtime/modules/lib

 

Modified Properties file location

# vi /opt/CustomAssertionAPI-10.1.00.11620/TrafficLoggerSample/src/main/resources/sampletrafficloggerca.properties

# the path of the file that will record traffic information

# loggerpath=/ssg/logs/traffic.log

loggerpath=/opt/SecureSpan/Gateway/node/default/var/logs/traffic.log

 

# the maximum size of the records before the file is rotated

maxfilesizeinbytes=5242880



Copy properties file 

#cp /opt/CustomAssertionAPI-10.1.00.11620/TrafficLoggerSample/src/main/resources/sampletrafficloggerca.properties /opt/SecureSpan/Gateway/node/default/etc/conf/

 

Check OWNER and Permissions for JAR file

# cd /opt/SecureSpan/Gateway/runtime/modules/lib

# chown layer7:layer7 *

# ls -la

total 92

drwxr-xr-x 2 layer7 layer7  4096 Jun 14 04:13 .

drwxr-xr-x 5 layer7 layer7  4096 Oct 12  2022 ..

-r--r--r-- 1 layer7 layer7 63875 Oct 12  2022 OpenIDConnectAssertion-b801.jar

-rw-r--r-- 1 layer7 layer7 14971 Jun 14 04:13 TrafficLoggerSampleCustomAssertion.jar

 

Check OWNER and Permissions for PROPERTIES file

# cd /opt/SecureSpan/Gateway/node/default/etc/conf/

# chown layer7:gateway *

# ls -la

total 40

drwxr-s--- 2 layer7 gateway 4096 Jun 14 04:11 .

drwxr-x--- 4 layer7 gateway 4096 Oct 12  2022 ..

-rw-rw-r-- 1 layer7 gateway  537 Sep 15  2022 node.properties

-rw-r----- 1 layer7 gateway   42 Oct 12  2022 omp.dat

-rw-r--r-- 1 layer7 gateway  253 Jun 14 04:11 sampletrafficloggerca.properties

-rw-r----- 1 layer7 gateway 1291 Jun  7 08:29 ssglog.properties

-rw-r----- 1 layer7 gateway 2931 Nov 17  2022 system.properties

-rw-r----- 1 layer7 gateway 1755 Aug 26  2022 system.properties.rpmnew

-rw-r----- 1 layer7 gateway 1189 Oct 12  2022 telemetry.properties

-rw-r----- 1 layer7 gateway 1674 Oct 12  2022 trusted_signers

 

STARTED Gateway 

 

Check Policy Manager and logs for new assertions

LOGS: loaded new assertion (I did change log/levels to FINEST):

 

2023-06-14T04:16:08.172-0700 INFO    1 com.l7tech.server.policy.module.ModulesScanner: Checking module with updated timestamp: TrafficLoggerSampleCustomAssertion.jar

2023-06-14T04:16:08.176-0700 FINE    1 com.l7tech.server.policy.custom.a: registering [; name='TrafficLogger.Assertion'; categories=[LoggingAuditingAlerts]; assertion=com.l7tech.samples.customassertion.trafficlogger.TrafficLoggerCustomAssertion; serverAssertion=com.l7tech.samples.customassertion.trafficlogger.TrafficLoggerServiceInvocation; editorClass=null]com.l7tech.gateway.common.custom.CustomAssertionDescriptor@5d2d89a6

2023-06-14T04:16:08.177-0700 INFO    1 com.l7tech.server.policy.module.CustomAssertionsScanner: Registered custom assertion com.l7tech.samples.customassertion.trafficlogger.TrafficLoggerCustomAssertion from module TrafficLoggerSampleCustomAssertion.jar

2023-06-14T04:16:08.177-0700 FINEST  1 com.l7tech.server.policy.module.CustomAssertionsScanner: Custom assertion [; name='TrafficLogger.Assertion'; categories=[LoggingAuditingAlerts]; assertion=com.l7tech.samples.customassertion.trafficlogger.TrafficLoggerCustomAssertion; serverAssertion=com.l7tech.samples.customassertion.trafficlogger.TrafficLoggerServiceInvocation; editorClass=null]com.l7tech.gateway.common.custom.CustomAssertionDescriptor@5d2d89a6



Policy Manager:

Powered by Wolken Software